RC4 Weak Key checks

Greg Hudson ghudson at MIT.EDU
Mon Mar 28 19:30:40 EDT 2011

On Fri, 2011-03-25 at 15:22 -0400, Jeffrey Altman wrote:
> I can find no evidence that Microsoft Kerberos SSP performs weak key
> checks.  Perhaps the consortium can obtain an explicit answer from
> Microsoft.

I've received an answer that Microsoft Kerberos does not check for RC4
weak keys.  I will remove the weak key checks from our trunk code and
mark it for backport to (at least) 1.9.

More information about the krbdev mailing list