[16732] in Kerberos_V5_Development
Re: RC4 Weak Key checks
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Mar 28 19:30:51 2011
From: Greg Hudson <ghudson@mit.edu>
To: "jaltman@secure-endpoints.com" <jaltman@secure-endpoints.com>
In-Reply-To: <4D8CEB8E.8020402@secure-endpoints.com>
Date: Mon, 28 Mar 2011 19:30:40 -0400
Message-ID: <1301355040.10465.237.camel@t410>
Mime-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Fri, 2011-03-25 at 15:22 -0400, Jeffrey Altman wrote:
> I can find no evidence that Microsoft Kerberos SSP performs weak key
> checks. Perhaps the consortium can obtain an explicit answer from
> Microsoft.
I've received an answer that Microsoft Kerberos does not check for RC4
weak keys. I will remove the weak key checks from our trunk code and
mark it for backport to (at least) 1.9.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
