Code review comment for lp:~matej-sekoranja/epics-base/ca-username-change

Minutes from a meeting with Vasu, Ralph, Michael and Andrew.

The server-side implementation of this also needs to be done in the CAS. This is a new API for servers, need to ensure that this doesn't add a security hole to existing servers.

We also need to audit this for security when talking to existing servers that don't support this version, and to old applications built with the new library that haven't implemented the new API.

Ralph says that Murali has a test framework for the gateway where we might be able to implement these kinds of audit tests.

Michael suggests that one possible response to unimplemented methods might be to drop the connection, forcing the client to reconnect with the new username.

This would go into 3.16 which is targeted for a December release, feature complete by early November.