misc q's: not loading profile from memory, not alloc memory on mk_priv/mk_safe, no replay cache?

Greg Hudson ghudson at MIT.EDU
Mon Aug 8 01:46:01 EDT 2011


On Sat, 2011-08-06 at 05:38 -0400, Chris Hecker wrote:
> Everywhere a subkey is generated or read in 
> these functions (that I could find), they stomp both send_subkey and 
> recv_subkey with the same key.

Right.  RFC 4120 gives application protocols a fair amount of latitude
on what key to use for KRB-SAFE and KRB-PRIV messages (see section
3.2.6) but generally speaking, the most recent subkey to be asserted is
used in both directions.

> 2.  Why have send_subkey and recv_subkey if they're always equal?

I'm not certain; this code is quite old.  It would be possible for a
sophisticated application to use the krb5_auth_con_set{send,recv}subkey
functions to set different subkeys for each direction, although I'm not
aware of any application doing so.





More information about the Kerberos mailing list