[16519] in Kerberos_V5_Development
Re: Comments on the checksum vulnerabilities
daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri Dec 3 13:32:06 2010
From: Sam Hartman <hartmans@mit.edu>
To: Greg Hudson <ghudson@mit.edu>
Date: Fri, 03 Dec 2010 13:31:42 -0500
In-Reply-To: <1291398519.20307.237.camel@ray> (Greg Hudson's message of "Fri,
03 Dec 2010 12:48:39 -0500")
Message-ID: <tsl8w06pv1t.fsf@carter-zimmerman.suchdamage.org>
MIME-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
>>>>> "Greg" == Greg Hudson <ghudson@MIT.EDU> writes:
Greg> Sam has argued (privately) that it's better to use an
Greg> MIT-style check because it allows the deployment of new
Greg> cksumtypes for an enctype. I am not sure that this is
Greg> valuable, since we have no checksum type negotiation in the
Greg> Kerberos protocol, only enctype negotiation. I would be more
Greg> comfortable with a Heimdal-style check.
Are there any differences between the Heimdal and MIT style checks for
current checksums?
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
