review of Projects/replay_cache_collision_avoidance, ending Jan. 12
Tim.Alsop at CyberSafe.com
Mon Dec 29 12:53:20 EST 2008
The CyberSafe TrustBroker products use a replay cache file located in /var/tmp (symlink = /krb5/tmp/rc). The replay cache file can be relocated by changing the symlink after the product has been installed (or changing registry entry on Windows version). The format of the file is the same as MIT replay cache file format.
The KDC (TrustBroker Security Server) has an option to disable replay attack, and network replay detection.
From: krbdev-bounces at mit.edu [mailto:krbdev-bounces at mit.edu] On Behalf Of Jeffrey Altman
Sent: 29 December 2008 17:45
Cc: krbdev at mit.edu
Subject: Re: review of Projects/replay_cache_collision_avoidance, ending Jan. 12
Sam Hartman wrote:
> You know, my examples aren't so good. I don't think Java and MIT share a replay cache format.
Solaris GSS (or other vendor provided implementation)
MIT Kerberos (mixed versions due to static libraries)
More information about the krbdev