[16522] in Kerberos_V5_Development
Re: Comments on the checksum vulnerabilities
daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri Dec 3 13:58:16 2010
From: Sam Hartman <hartmans@mit.edu>
To: Greg Hudson <ghudson@mit.edu>
Date: Fri, 03 Dec 2010 13:57:54 -0500
In-Reply-To: <1291401460.20307.240.camel@ray> (Greg Hudson's message of "Fri,
03 Dec 2010 13:37:40 -0500")
Message-ID: <tslr5dyof9p.fsf@carter-zimmerman.suchdamage.org>
MIME-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
>>>>> "Greg" == Greg Hudson <ghudson@MIT.EDU> writes:
Greg> On Fri, 2010-12-03 at 13:31 -0500, Sam Hartman wrote:
>> Are there any differences between the Heimdal and MIT style
>> checks for current checksums?
Greg> Not really; I guess this isn't really a practical issue as
Greg> long as enctypes and checksums continue to be introduced in
Greg> lock step.
I think that's my argument.
The two models are likely to be the same unless we introduce a checksum
that is not in lock step with an enctype.
It would be difficult to do that for the reasons Greg described.
However if we did that, I'm not sure why we'd want the Heimdal model.
So, if the Heimdal model is easier to implement, I'm happy to switch to
it. I just think conceptually we'd be using the MIT model in the sense
that if we intentionally were to introduce a checksum that was a second
checksum for an enctyype, I'd expect us to permit code to work with that
checksum at the same time we introduced it.
--Sam
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
