GSS-API and libkrb5 behavior for Anonymous tickets
hartmans at MIT.EDU
Tue Nov 3 14:11:43 EST 2009
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
>> I agree the libkrb5 interface should keep that in mind. I'm
>> not sure this matches the GSS-API model well enough to support
>> In particular, take a look at the requirements in
>> draft-ietf-krb-wg-anon-10 for the anonymous KDC case. The text
>> seems to place a fairly strong requirement that you verify the
>> KDC before using the ticket. So, I'm not sure it would be
>> permitted to use it in a normal ap exchange. If we ignore
>> that, then it would perhaps be permissible to use such a ticket
>> in gss-api with the mutual authentication flag cleared,
>> although you would get very different security guarantees than
>> you typically do with Kerberos especially if you use
>> per-message protection. I'm not sure if that's OK or not.
Nicolas> The GSS-API very explicitly contemplates, and allows, for
Nicolas> security contexts with anonymous initiator and acceptor
I was not aware that security contexts with anonymous acceptor names were permitted.
Do you have a reference handy?
More information about the krbdev