[2996] in Kerberos-V5-bugs
Re: telnet/656: telnet does not check for remote subkey during authentication
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Mon Nov 9 23:28:10 1998
Date: Tue, 10 Nov 1998 04:22:37 GMT
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: krb5-bugs@MIT.EDU, fcusack@iconnet.net
Cc: hartmans@MIT.EDU, gnats-admin@RT-11.MIT.EDU, krb5-prs@RT-11.MIT.EDU
In-Reply-To: fcusack@iconnet.net's message of Fri, 6 Nov 1998 17:49:02 -0500,
<199811062249.RAA05937@rt-11.MIT.EDU>
Date: Fri, 6 Nov 1998 17:49:18 -0500 (EST)
From: fcusack@iconnet.net
>Description:
telnet client always uses local subkey as the encryption key
[for encrypted telnet sessions]. However, if the remote side
sends back it's own subkey, it should use that instead. Not
a problem against MIT telnetd, since the remote subkey is
always identical to the local, but other telnetd's may not
do the same thing.
>How-To-Repeat:
I don't know of any telnetd's that actually do this, the problem
is not one that I have seen in actual use.
I don't want to apply this patch, because to do so would imply a
protocol change. The protocol has always been that the client could set
the session key, but not the server. Kerberos V5 subsession key
semantics were never defined in RFC-1510, and while I don't like how
telnet negotiates the subsession key (if anything, it *should* be the
server that picks the key to be used for encryption, not the client),
changing it at this point would only cause massive interoperability
problems.
- Ted
