Adding principal from client. Is the password exposed ?
Greg Hudson
ghudson at MIT.EDU
Fri Aug 13 08:16:26 EDT 2010
On Fri, 2010-08-13 at 04:03 -0400, Use Nas wrote:
> Thanks Greg. Does GSSRPC use any open encryption standard Or is it
> just internal to MIT kerberos. I would like to understand it a bit
> more and make sure that there are no security vulnerbaility here.
The relevant standards would be:
RFC 2203 and 5403 (RPCSEC_GSS)
RFC 5531 (RPC)
RFC 1964 and 4121 (GSSAPI krb5 mechanism)
RFC 4120 (krb5)
RFC 2743 (GSSAPI)
More information about the Kerberos
mailing list