[32572] in Kerberos
Re: Adding principal from client. Is the password exposed ?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Aug 13 08:17:30 2010
From: Greg Hudson <ghudson@mit.edu>
To: Use Nas <usenas@gmail.com>
In-Reply-To: <AANLkTinJmTGoZZMC_wcUAU90819=2SDeVanNfgrsMnoe@mail.gmail.com>
Date: Fri, 13 Aug 2010 08:16:26 -0400
Message-ID: <1281701786.8066.869.camel@ray>
Mime-Version: 1.0
Cc: "kerberos@MIT.EDU" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Fri, 2010-08-13 at 04:03 -0400, Use Nas wrote:
> Thanks Greg. Does GSSRPC use any open encryption standard Or is it
> just internal to MIT kerberos. I would like to understand it a bit
> more and make sure that there are no security vulnerbaility here.
The relevant standards would be:
RFC 2203 and 5403 (RPCSEC_GSS)
RFC 5531 (RPC)
RFC 1964 and 4121 (GSSAPI krb5 mechanism)
RFC 4120 (krb5)
RFC 2743 (GSSAPI)
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
