[1522] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Why can you not rename a random key with the new admin server?

daemon@ATHENA.MIT.EDU (Mark Eichin)
Thu Aug 8 02:00:40 1996

To: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Cc: Sam Hartman <hartmans@MIT.EDU>, Marc Horowitz <marc@MIT.EDU>,
        epeisach@MIT.EDU, krbcore@MIT.EDU
From: Mark Eichin <eichin@MIT.EDU>
Date: 08 Aug 1996 02:00:21 -0400
In-Reply-To: "Theodore Y. Ts'o"'s message of Wed, 7 Aug 1996 21:59:29 -0400

> The basic idea is that the no-salt type is intended to be used only for
> V4 compatibility.  In general, you *do* want to use a salt.

No, the basic idea is that the no-salt type is for *random* keys,
where there is *no* corresponding password and therefore no need for a
salt.  The v4 compatibility case is different, but only in semantics.

Certainly you want a salt in general *when* you have a password.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[1522] in Kerberos_V5_Development

Re: Why can you not rename a random key with the new admin server?

daemon@ATHENA.MIT.EDU (Mark Eichin)Thu Aug 8 02:00:40 1996

daemon@ATHENA.MIT.EDU (Mark Eichin)
Thu Aug 8 02:00:40 1996