random to key from password
Nicolas Williams
Nicolas.Williams at oracle.com
Mon Sep 27 17:44:53 EDT 2010
On Mon, Sep 27, 2010 at 05:36:25PM -0400, Sam Hartman wrote:
> Does anyone actually want MIT's behavior of conflating requires_preauth
> behavior for servers and clients or should we split those out into
> separate flags?
Yes.
> So, even now I'm not convinced that implementing random_to_key in terms
> of random_pass would be bad.
I agree: there's no known attack now that can recover the password
without recovering the key, and such an attack seems unlikely, with a
mitigation coming soon (the ability to require pre-auth separately for
the client and server cases).
> I do think it is more complicated than I at first thought, but the
> benefits may justify it.
The main benefit of radomized passwords over randomized keys is better
synchronization/interop with AD. It's not that big a deal to me -- I've
never needed the ability to synchronize service principals' passwords.
Mostly I think this is a simplification for that case, but I don't think
it's a case that should be ignored either.
Nico
--
More information about the krbdev
mailing list