[15949] in Kerberos_V5_Development

home help back first fref pref prev next nref lref last post

Re: krb5-1.8 fails to verify MS PAC Checksum when AES 256 is used

daemon@ATHENA.MIT.EDU (Will Fiveash)
Wed Jun 30 16:33:22 2010

Date: Wed, 30 Jun 2010 15:33:42 -0500
From: Will Fiveash <will.fiveash@oracle.com>
To: "Douglas E. Engert" <deengert@anl.gov>
Message-ID: <20100630203342.GF2232@sun.com>
Mail-Followup-To: "Douglas E. Engert" <deengert@anl.gov>,
	"'krbdev@mit.edu'" <krbdev@mit.edu>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <4C2B984B.60807@anl.gov>
Cc: "'krbdev@mit.edu'" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

On Wed, Jun 30, 2010 at 02:17:31PM -0500, Douglas E. Engert wrote:
> 
> The Solaris 10 provided Kerberos can use AES and does not have this problem,
> as I don't think it is checking the PAC...

You are correct, Solaris 10 Kerberos doesn't examine/check the PAC.

-- 
Will Fiveash
Oracle
Note my new work e-mail address: will.fiveash@oracle.com
http://opensolaris.org/os/project/kerberos/
Sent using mutt, a sweet text based e-mail app: http://www.mutt.org/
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev

home help back first fref pref prev next nref lref last post