[16399] in Kerberos_V5_Development
Re: random to key from password
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Mon Sep 27 17:45:42 2010
Date: Mon, 27 Sep 2010 16:44:53 -0500
From: Nicolas Williams <Nicolas.Williams@oracle.com>
To: Sam Hartman <hartmans@mit.edu>
Message-ID: <20100927214453.GT9501@oracle.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <tsl1v8evpgm.fsf@live.suchdamage.org>
Cc: lha@h5l.org, Russ Allbery <rra@stanford.edu>, krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Mon, Sep 27, 2010 at 05:36:25PM -0400, Sam Hartman wrote:
> Does anyone actually want MIT's behavior of conflating requires_preauth
> behavior for servers and clients or should we split those out into
> separate flags?
Yes.
> So, even now I'm not convinced that implementing random_to_key in terms
> of random_pass would be bad.
I agree: there's no known attack now that can recover the password
without recovering the key, and such an attack seems unlikely, with a
mitigation coming soon (the ability to require pre-auth separately for
the client and server cases).
> I do think it is more complicated than I at first thought, but the
> benefits may justify it.
The main benefit of radomized passwords over randomized keys is better
synchronization/interop with AD. It's not that big a deal to me -- I've
never needed the ability to synchronize service principals' passwords.
Mostly I think this is a simplification for that case, but I don't think
it's a case that should be ignored either.
Nico
--
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
