[EXTERNAL] Re: PKINIT on MacOSX Maverick and Yosemite

Greg Hudson ghudson at mit.edu
Mon Jan 18 20:26:27 EST 2016


On 01/18/2016 07:30 PM, Machin, Glenn D wrote:
> Apparently MacOSX
> Heimdahl is set at 1024 and has no (at least that I can find) a krb5.conf
> attribute like pkinit_dh_min_bits.

>From a look at the source code, it seems like Heimdal supports a
pkinit_dh_min_bits variable in [libdefaults], but only has built-in DH
groups at 1024 and 1760 bits.  If I'm right, you would need a
krb5.moduli file to make it support a 2048-bit group, and I can't find
any documentation on how to do that.

(To Heimdal's credit, it has supported ECDH PKINIT using P-256 for years
now, but that doesn't help you interoperate because MIT krb5 doesn't
implement it.)

> The MIT KDC minimum is 2048 and even if
> you set the kdc.conf pkinit_dh_min_bits to 1024 the source code¹s minimum
> is defined at 2048.

This was changed in 1.11.3 and 1.12+; we now allow values as low as 1024
bits to be configured.  Be aware that cryptographers believe 1024-bit
Diffie-Hellman to be attackable by nation-state adversaries.  It seems
like a value of 1760 bits might work with OS X clients (even without
configuration), so you might consider that instead.


More information about the Kerberos mailing list