Comments on the checksum vulnerabilities

[Sam Hartman]

>>>>> "Greg" == Greg Hudson <ghudson at MIT.EDU> writes:

    Greg> Sam has argued (privately) that it's better to use an
    Greg> MIT-style check because it allows the deployment of new
    Greg> cksumtypes for an enctype.  I am not sure that this is
    Greg> valuable, since we have no checksum type negotiation in the
    Greg> Kerberos protocol, only enctype negotiation.  I would be more
    Greg> comfortable with a Heimdal-style check.


Are there any differences between the Heimdal and MIT style checks for
current checksums?