Replay cache avoidance
Nico Williams
nico at cryptonector.com
Mon Sep 1 22:38:09 EDT 2014
On Mon, Sep 1, 2014 at 8:24 PM, Matt W. Benjamin <matt at cohortfs.com> wrote:
>> For example, NFS is such a protocol. There's no need to use an
>> rcache for the NFS service.
>
> Thank you for the confirmation. This has come up as an issue for us with MIT Krb5.
Although you need to beware of a subtlety I only mentioned in passing:
you need to be using a "newer" enctype, which means AES or Camellia
(see RFC4121).
For enctypes prior to RFC4121 there's no requirement that the
initiator use the sub-session key asserted by the acceptor. (I forget
if RC4 does it always, and what the interop matrix looks like for
3DES. 1DES, of course, is out.)
Nico