RFC 4121 & acceptor subkey use in MIC token generation

Nico Williams nico at cryptonector.com
Thu Oct 26 18:28:07 EDT 2023


On Thu, Oct 26, 2023 at 05:57:37PM -0400, Ken Hornstein via Kerberos wrote:
> You know that.  I know that.  But remember: "if you're explaining,
> you're losing".  When asked I can honestly say, "Kerberos is not
> a PKI" and that's good enough, but I can't say with a straight
> face, "This X.509 CA over here is not a PKI".

Have you considered the private sector?

More seriously, there must be an office that could evaluate the use of
online CAs that issue short-lived certificates using issuer keys stored
in HSMs (or software keys when the sub-CA has a very narrow
applicability, meaning very few systems will trust it).  Such CAs would
be very useful, I'm sure, especially if you could dispense with
revocation checking at the relying party because a) the certificate will
be as short-lived as a Kerberos ticket, b) the online issuer will have
checked revocation for the longer-lived credential used to authenticate
to it.

> >Presumably OpenSSH CAs are a different story because they're not x.509?  :)
> 
> Strangely enough, I am not aware of anyone in the DoD that uses OpenSSH
> CAs (there probably are, I just don't know them).  I could see it being
> argued both ways.  The people I know who use OpenSSH are (a) using
> gssapi-with-mic like us, (b) just using passwords, or (c) using their
> client smartcard key as a key for RSA authentication and they call that
> "DOD PKI authentication".  Again, you know and I know that isn't really
> using PKI certificates, but the people up the chain aren't really smart
> enough to understand the distinction; they see that you're using the
> smartcard and that's good enough for them.

But it is _a_ form of PKI, just not x.509/PKIX PKI, thus the smiley.

> >Don't you have OCSP responders?
> 
> We _do_, it's just a pain to find an OCSP responder that can handle that
> many.  If the official ones go offline that breaks our KDC so we run our
> own locally.

Ah, so what you mean is that you have a CRL replication problem.

Nico
-- 

