need project review
Nicolas.Williams at sun.com
Mon Apr 7 15:42:15 EDT 2008
On Mon, Apr 07, 2008 at 08:28:10PM +0100, Tim Alsop wrote:
> In addition - if you store old master keys in a keytab they are
> potentially open to attack, so better to store as key material in the db
No different than when they were in the stash file.
Of course, ideally you could have the KDC implemented so no long term
key material ever leaves a hardware token. I used to be a fan of that
until I realized that that would mean putting so much of the KDC
implementation in the token that it may not be worthwhile. Instead
folks should minimize the network footprint of their KDCs and provide
extra physical security for them.
More information about the krbdev