Camellia-CCM and defaults
ghudson at MIT.EDU
Wed Aug 4 12:47:46 EDT 2010
We're hopefully close to being able to merge the camellia256-ccm and
camellia128-ccm enctype implementations to the trunk; the code is
ready, although I'd ideally like to get IANA assignments first.
1. Should we add these enctypes to the default etypes list used for
the default values of default_tgs_enctypes, default_tkt_enctypes,
This would make it easier to deploy Camellia from the KDC when the
configurations of clients are not tightly controlled. It would,
obviously, expose clients to a bit of additional risk.
2. Should we add these enctypes to the default value of
supported_enctypes? (This is the default key:salt list used when
creating new principals or changing passwords.)
This would make it easier to switch a realm from using AES to
Camellia if, say, AES or SHA-1 were suddenly found to be weak,
since principal entries created after a 1.9 deployment will already
have Camellia keys.
Adding more enctypes here increases the database size and exposes
realms to additional risk if Camellia turns out to be weak.
If I receive no feedback, I will go with yes and yes, following the
precedent of the RC4 enctypes.
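As an added illustration (not part of the post), this is what the "yes and yes" outcome would look like in the two configuration files the questions refer to; the realm name is made up, the AES enctype names are the standard ones, and the Camellia enctype names are written exactly as the post gives them.

```ini
# krb5.conf -- library defaults read by clients and by the KDC.
# Enctype names for Camellia are taken from the post (camellia256-ccm,
# camellia128-ccm); EXAMPLE.COM is a placeholder realm.
[libdefaults]
    default_realm = EXAMPLE.COM
    # Question 1: the enctypes a client offers when asking for a TGT and
    # for service tickets. With Camellia listed next to AES, a KDC whose
    # principals already hold Camellia keys can hand out Camellia-protected
    # tickets without any change on the client side.
    default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 camellia256-ccm camellia128-ccm
    default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 camellia256-ccm camellia128-ccm

# kdc.conf -- per-realm KDC settings.
[realms]
    EXAMPLE.COM = {
        # Question 2: the key:salt pairs generated when a principal is
        # created or its password changed. Every extra entry is one more
        # key stored per principal, which is the database-size cost the
        # post mentions; in return, principals created after this change
        # already carry a Camellia key, so moving the realm off AES later
        # needs no mass rekeying.
        supported_enctypes = aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal camellia256-ccm:normal camellia128-ccm:normal
    }
```

Existing principals keep only the keys they had when last rekeyed, so the second setting helps a future migration only for entries created or changed after it is in place.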