signing-key for AD-KDC-ISSUED
Peter Mogensen
apm at one.com
Tue Jun 3 04:29:15 EDT 2014
Hi,
I noticed what seems to be an ambiguity in RFC4120. Regarding
ad-checksum for AD-KDC-ISSUED it states:
first:
----------
ad-checksum
A cryptographic checksum computed over the DER encoding of the
AuthorizationData in the "elements" field, keyed with the session
key. Its checksumtype is the mandatory checksum type for the
encryption type of the session key, and its key usage value is 19.
-----------
then later:
-----------
For KDC-issued elements, this is prevented because the elements are
signed by the KDC by including a checksum encrypted using the
server's key (the same key used to encrypt the ticket or a key
derived from that key).
-----------
This seems to be conflicting. First it says the signing-key is the
session-key, then it says it's the service-key used to encrypt the ticket.
Using the service-key seems to make more sense and it's also what I can
see the draft for AD-CAMMAC uses for svc-verifier.
What puzzles me is that the first text seems to have been changed from
draft-03 to draft-04 for RFC4120. The draft-03 text states:
-----------
ad-checksum
A checksum over the elements field using a cryptographic checksum
method that is identical to the checksum used to protect the
ticket itself (i.e. using the same hash function and the same
encryption algorithm used to encrypt the ticket) using the key
used to protect the ticket, and a key usage value of 19.
-----------
Which of course is a bit unclear about what exactly is checksummed,
but on the other hand is consistent about which key is used.
Is this change from draft-03 to draft-04 an error wrt. using the
session-key?
/Peter
PS:
I can see that the MIT example authdata plugin "greeter" actually uses
the session-key for making ad-data KDC-ISSUED.
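As an added example (not from this post, and not MIT Kerberos code): a stand-alone Python sketch that DER-encodes an AuthorizationData "elements" field, computes the AD-KDC-ISSUED ad-checksum with key usage 19, and shows that a service verifying under its own key rejects a checksum that was made under the session key. It uses the rc4-hmac keyed checksum of RFC 4757 only because that needs nothing beyond the standard library; with an AES session key the mandatory checksum type would be hmac-sha1-96-aes128/256 instead. Keys and element contents are constructed values.

```python
import hashlib
import hmac

KU_AD_KDC_ISSUED = 19  # key usage RFC 4120 assigns to the AD-KDC-ISSUED ad-checksum

def der_tlv(tag: int, body: bytes) -> bytes:
    """Minimal DER tag-length-value (short and long form lengths)."""
    n = len(body)
    if n >= 0x80:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        return bytes([tag, 0x80 | len(lb)]) + lb + body
    return bytes([tag, n]) + body

def der_int32(v: int) -> bytes:
    """DER INTEGER, minimal two's-complement encoding."""
    size = 1
    while not -(1 << (8 * size - 1)) <= v < (1 << (8 * size - 1)):
        size += 1
    return der_tlv(0x02, v.to_bytes(size, "big", signed=True))

def der_authorization_data(elements) -> bytes:
    """AuthorizationData ::= SEQUENCE OF SEQUENCE {ad-type [0] Int32, ad-data [1] OCTET STRING}."""
    items = b"".join(
        der_tlv(0x30, der_tlv(0xA0, der_int32(t)) + der_tlv(0xA1, der_tlv(0x04, d)))
        for t, d in elements)
    return der_tlv(0x30, items)

def rc4_hmac_checksum(key: bytes, usage: int, data: bytes) -> bytes:
    """RFC 4757: Ksign = HMAC-MD5(key, "signaturekey\\0"); HMAC-MD5(Ksign, MD5(LE32(usage) || data))."""
    ksign = hmac.new(key, b"signaturekey\x00", hashlib.md5).digest()
    inner = hashlib.md5(usage.to_bytes(4, "little") + data).digest()
    return hmac.new(ksign, inner, hashlib.md5).digest()

def ad_checksum(key: bytes, elements) -> bytes:
    """ad-checksum over the DER-encoded 'elements' field with key usage 19."""
    return rc4_hmac_checksum(key, KU_AD_KDC_ISSUED, der_authorization_data(elements))

def verify_ad_checksum(key: bytes, elements, checksum: bytes) -> bool:
    return hmac.compare_digest(ad_checksum(key, elements), checksum)

def key_choice_matters() -> bool:
    """A service verifying with its own key accepts only elements the KDC keyed with
    that key; a checksum computed under the session key does not verify."""
    service_key, session_key = bytes(range(16)), bytes(range(16, 32))  # constructed keys
    elements = [(1, b"constructed ad-data")]  # ad-type 1 = AD-IF-RELEVANT (RFC 4120)
    by_service = ad_checksum(service_key, elements)
    by_session = ad_checksum(session_key, elements)
    return (verify_ad_checksum(service_key, elements, by_service)
            and not verify_ad_checksum(service_key, elements, by_session))
```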