[16791] in Kerberos_V5_Development
Re: GSS MIC problems between Unix and Windows
daemon@ATHENA.MIT.EDU (Tom Yu)
Tue May 3 16:01:29 2011
To: Richard Evans <richard.evans@datanomic.com>
From: Tom Yu <tlyu@mit.edu>
Date: Tue, 03 May 2011 16:01:10 -0400
In-Reply-To: <4DC03D25.7080904@datanomic.com> (Richard Evans's message of "Tue,
03 May 2011 18:36:37 +0100")
Message-ID: <ldvwri7tuyh.fsf@cathode-dark-space.mit.edu>
MIME-Version: 1.0
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Richard Evans <richard.evans@datanomic.com> writes:
> I suspect that Windows is interpreting the standard slightly differently
> ... given that MIT krb5 and the Java implementation interact fine.
>
> I was just hoping that there was some trick to resolve this.
If Wrap and Unwrap succeed but VerifyMIC doesn't on the same GSS
context, that sounds like a bug.
Also, to draw any conclusions from the RFC 1964 vs RFC 4121 token
format, we would need to see what enctype got negotiated (e.g. by
looking at the AP-REP message for the corresponding MIC tokens).
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
