Behavior change of krb5_rd_req: what error to return

Sam Hartman hartmans at
Thu Dec 4 07:37:43 EST 2008

>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at> writes:

    Nicolas> On Wed, Dec 03, 2008 at 11:12:43AM -0600, Nicolas
    Nicolas> Williams wrote:
    >> Note that having aliases which share the same longterm key as
    >> another principal means that an attacker can undetectably
    >> change the sname in the unauthenticated plain-text part of the
    >> Ticket.  (The sname is not repeated inside the Ticket nor in
    >> the Authenticator.)  I'm not sure that such an attack is
    >> terribly interesting, UNLESS the service is going to make
    >> authorization decisions according to the name by which it was
    >> called.

    Nicolas> Oh, of course, if we're talking about case and
    Nicolas> normalization differences then never mind.

Well, it's bigger than that.  Since the sname is not protected, having any two services that share the same long-term key means they are indistinguishable.

If they are aliases, this seems entirely reasonable: it's the point of
them being aliases--names for each other.

It seems like a very bad idea to have two principals that share the same key and are not aliases.

More information about the krbdev mailing list