The NULL Encryption System
Nicolas.Williams at sun.com
Mon Mar 29 15:10:21 EST 2004
On Mon, Mar 29, 2004 at 02:57:57PM -0500, Sam Hartman wrote:
> >>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
> Nicolas> Technically it was (and still is) used by some rfc1964
> Nicolas> (krb5 gss mech) implementations for "encrypting" the
> Nicolas> KRB-CRED encpart; other than this the null enctype has
> Nicolas> not been used for anything else, nor should be.
> No, if they used the null enctype, then you'd get an EncryptedData
> with plaintext as ciphertext; you don't even get that. You get the
> encrypted part of the krb_cred structure encoded directly in the place
> where you'd expect an EncryptedData.
My recollection of this is that at the first interim KRB WG meeting at
MIT Tom showed me the opposite, but I could be wrong.
More information about the krbdev