Session key extraction

Krishna Ganugapati krishnag at
Tue Dec 23 10:10:21 EST 2008

We only require this for NTLM and Kerberos.
I think we'd be flexible to use this as a feature labeled Windows interop.
By the way, we have a full gss-ntlm provider which we'd be happy to contribute...


From: Sam Hartman [mailto:hartmans at]
Sent: Tue 12/23/2008 6:50 AM
To: Krishna Ganugapati
Cc: Luke Howard; krbdev at MIT.EDU; Rahul Srinivas
Subject: Re: Session key extraction

>>>>> "Krishna" == Krishna Ganugapati <krishnag at> writes:

    Krishna> We totally need this in our current shipping
    Krishna> product. We'd like to remove our extra
    Krishna> gss_inquire_context2 and use the standard distro
    Krishna> one. Please kindly keep this feature.
    Krishna> ________________________________

Do you need this for mechanisms other than NTLM and Kerberos?  Are you
willing to use a feature that is specifically labeled as a Windows
interoperability feature?


Are you willing to work with us on discussions of security constraints
that keys need to meet?  Or alternatively on a set of protocols where
the use has been reviewed and security problems have not been found?

More information about the krbdev mailing list