Fwd: [krbdev.mit.edu #4975] Checksum type 14 undefined

Marcus Watts mdw at umich.edu
Thu Dec 7 22:26:35 EST 2006

> Date: Thu, 7 Dec 2006 21:22:28 -0500 (EST)
> From: Jeffrey Hutzelman <jhutz at cmu.edu>
> To: Marcus Watts <mdw at umich.edu>
> cc: <krbdev at mit.edu>
> Subject: Re: Fwd: [krbdev.mit.edu #4975] Checksum type 14 undefined 
> On Thu, 7 Dec 2006, Marcus Watts wrote:
> > > If you have an application that explicitly needs an _unkeyed_ checksum,
> > > then RFC3961 is not the framework you're looking for, at least for that
> > > application.
> > ...
> >
> > Actually, what I wanted was something very much like the "pseudo-random"
> > function of RFC 3961.  Unfortunately, that seems to be even more tenuous
> > than unkeyed sha1.
> The PRF is not used in core Kerberos, and while it does exist in GSS-API,
> that's a rather recent development and not widely used either.  So it's
> not that surprising if it's not widely implemented yet.  However, I expect
> that will change over time, and you should certainly feel free to use it
> in higher-profile projects which might encourage implementors to support
> it. :-)
> Note that I do not speak for MIT or any other Kerberos implementor.
> -- Jeff

The main thing that stopped me from doing that is I couldn't find
either any working implementation of RFC 3961 PRF, or good enough sample
vectors that I might with confidence expect to interoperate with some
future working implementation.

For gssapi, these weren't yet standards when I looked and did
not have public implementations; but things appear to have advanced
	RFC 4401
		key is an integer (ie, this is "too generic")
	RFC 4402
		GSS_Pseudo_random for kerberos 5.
		specifies GSS PRF+ as an augmented variation
		of the basic PRF function in 3961.
I haven't noticed this in any MIT distribution yet - is this in 1.6 or
maybe in subversion?

More information about the krbdev mailing list