[Ietf-krb-wg] fast and patypes in KRB-ERROR

Srinivas Cheruku srinivas.cheruku at gmail.com
Fri May 15 03:01:05 EDT 2009

Sam wrote:...
>Probably this is more of an IETF issue than an MIT issue.  My concern
>about doing this is that the negotiation of which fast factors are
>supported would be unprotected.

[Srinivas Cheruku] I was thinking on this more. 
What affect would it have if the negotiation of fast factors is not
When non-fast request is sent to KDC, it returns KRB-ERROR e-data containing
PA-FX-FAST. This is also not protected PA-FX-FAST can also be deleted from
initial unprotected error. If this happens, the client would send non-fast
request containing enc-timestamp instead of generating a fast request. It
depends on the KDC policy to allow non-fast requests or not.

If we take the case of adding PA-ENCRYPTED-CHALLENGE or PA-OTP-CHALLENGE
along with PA-FX-FAST to unprotected error, then if these are deleted in
transit, then client maynot send OTP or ENC-CHALLENGE, but if the KDC is
configured so that the client requires these, then it won't generate the
ticket and would again asks for the same.

So, where do we see a potential risk of sending PA-ENCRYPTED-CHALLENGE or
PA-OTP-CHALLENGE along with PA-FX-FAST in unprotected error. Am I
overlooking something?


More information about the krbdev mailing list