Session key extraction
Nicolas Williams
Nicolas.Williams at sun.com
Tue Dec 23 00:35:18 EST 2008
On Mon, Dec 22, 2008 at 11:04:23PM -0500, Greg Hudson wrote:
> If there is any ambiguity about what key to return for a given
> mechanism, we are much safer if we do *not* implement key export for a
> mechanism before Microsoft does. It's much better to be stuck in the
> situation of "SSPI provides X, we provide nothing" than to be stuck in
> the situation of "SSPI provides X, we provide Y." The former is easily
> fixable; the latter is much harder.
If libgss is a plugin framework then you'll need to hardcode in it the
list of mechanisms that are allowed to export this key. Otherwise
there's no way to enforce this.
Count me as being in favor of enforcing whatever restrictions can
reasonably be enforced. That does not include uses of the key, as I
don't think it's feasible for libgss/mech_krb5 to enforce use only for
Windows protocols.
More information about the krbdev
mailing list