[11938] in Kerberos-V5-bugs
[krbdev.mit.edu #6886] SVN Commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Mon Mar 28 19:35:57 2011
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Greg Hudson via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6886@krbdev.mit.edu>
Message-ID: <rt-6886-33923.0.689990986905045@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6886'":;"'AdminCc of krbdev.mit.edu Ticket #6886'":;@MIT.EDU
Date: Mon, 28 Mar 2011 19:35:55 -0400 (EDT)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Remove the weak key checks from the builtin rc4 enc provider. There
is no standards support for avoiding RC4 weak keys, so rejecting them
causes periodic failures. Heimdal and Microsoft do not check for weak
keys. Attacks based on these weak keys are probably thwarted by the
use of a confounder, and even if not, the reduction in work factor is
not terribly significant for 128-bit keys.
http://src.mit.edu/fisheye/changelog/krb5/?cs=24750
Commit By: ghudson
Revision: 24750
Changed Files:
U trunk/src/lib/crypto/builtin/enc_provider/rc4.c
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
