[2584] in Kerberos_V5_Development
Re: Prototype hell
daemon@ATHENA.MIT.EDU (Richard Basch)
Sun Oct 19 17:53:38 1997
Date: Sun, 19 Oct 1997 17:32:45 -0400
To: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Cc: Ken Hornstein <kenh@cmf.nrl.navy.mil>, Assar Westerlund <assar@sics.se>,
krbdev@MIT.EDU
In-Reply-To: <199710172025.QAA25162@dcl.MIT.EDU>
From: "Richard Basch" <basch@lehman.COM>
On Fri, 17-October-1997, "Theodore Y. Ts'o" wrote to "Ken Hornstein, Assar Westerlund, krbdev@MIT.EDU" saying:
> Date: Thu, 16 Oct 1997 09:24:35 -0400
> From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
>
> >What SHA code are you using? Most of the MD{4,5},SHA implementations
> >that I've seen assume that there's a type which is exactly 32 bits
> >wide and break on Crays. We had to fix that as well in our code.
>
> Ummm, I dunno where the SHA code in V5 came from .... Ted?
>
> I realized the attribution of the code had gotten chopped out somehow.
> I'm not sure why; I wouldn't have done that deliberately. A quick
> comparison with a collection of SHA implementations that I have looks
> like it was derived from the public domain one done by Peter Gutman.
Ted,
The reason you don't remember doing it, is I picked up the SHA code
(while I was making a first-pass 3-des integration). I don't remember
striking any credits, either, which means I didn't see any in the
version I picked up.
I do remember finding several versions of the SHA code, implementing TWO
algorithms. One of them referenced a recent update by NIST indicating
the first publication had a flaw, and indeed the reference seemed to be
accurate. Because I did not want to vet every single implementation, I
chose one that seemed to have the fix and was not restricted in
distribution or reuse.
--
Richard Basch
Sr. Systems Architect URL: http://web.mit.edu/basch/www/home.html
Lehman Brothers, Inc. Email: basch@lehman.com, basch@mit.edu
101 Hudson St., 38th Floor Fax: +1 201 524 5828
Jersey City, NJ 07302-3988 Voice: +1 201 524 5049
