Replay cache avoidance
nico at cryptonector.com
Mon Sep 1 22:38:09 EDT 2014
On Mon, Sep 1, 2014 at 8:24 PM, Matt W. Benjamin <matt at cohortfs.com> wrote:
>> For example, NFS is such a protocol. There's no need to use an
>> rcache for the NFS service.
> Thank you for the confirmation. This has come up as an issue for us with MIT Krb5.
Although you need to beware of a subtlety I only mentioned in passing:
you need to be using a "newer" enctype, which means AES or Camellia.
For enctypes prior to RFC4121 there's no requirement that the
initiator use the sub-session key asserted by the acceptor. (I forget
if RC4 does it always, and what the interop matrix looks like for
3DES. 1DES, of course, is out.)
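The subtlety above, as an added example that is not part of the thread and not MIT krb5 code: a toy model of one initiator, one acceptor with no replay cache at all, and an attacker who replays a captured AP-REQ together with a captured per-message token (think of an RPCSEC_GSS-protected NFS operation). The `acceptor_subkey_required` flag is an assumption standing in for which enctype was negotiated; HMAC-SHA256 stands in for the enctype's checksum and an HMAC keystream XOR stands in for encryption of the subkey (neither is the real RFC 3961 construction), and no sequence-number window is modeled.

```python
"""Toy model: why an acceptor-asserted sub-session key makes an rcache unnecessary.

Constructed example. HMAC-SHA256 stands in for the enctype checksum/MIC, and an
HMAC-derived keystream XOR stands in for encryption of subkeys. Not real krb5 code.
"""
import hashlib
import hmac
import secrets

SESSION_KEY = secrets.token_bytes(32)  # ticket session key, shared by initiator and acceptor


def _mac(key: bytes, data: bytes) -> bytes:
    # Stand-in for a per-message MIC under the context key.
    return hmac.new(key, data, hashlib.sha256).digest()


def _keystream(key: bytes, label: bytes, n: int) -> bytes:
    # Toy encryption for subkeys carried in the authenticator / AP-REP.
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Initiator:
    def __init__(self, acceptor_subkey_required: bool):
        self.required = acceptor_subkey_required  # assumption: models the negotiated enctype
        self.subkey = secrets.token_bytes(32)      # initiator's own (authenticator) subkey
        self.key = None

    def ap_req(self) -> dict:
        enc_subkey = _xor(self.subkey, _keystream(SESSION_KEY, b"authenticator", 32))
        nonce = secrets.token_bytes(16)
        return {"nonce": nonce, "enc_subkey": enc_subkey,
                "mac": _mac(SESSION_KEY, nonce + enc_subkey)}

    def handle_ap_rep(self, ap_rep: dict) -> None:
        if self.required:
            # RFC 4121 with a "newer" enctype: the initiator MUST switch to the
            # subkey the acceptor asserted in the AP-REP.
            self.key = _xor(ap_rep["enc_subkey"], _keystream(SESSION_KEY, b"ap-rep", 32))
        else:
            # Older behaviour: keep protecting messages with the initiator's own subkey.
            self.key = self.subkey

    def wrap(self, msg: bytes, seq: int) -> dict:
        return {"seq": seq, "msg": msg, "mic": _mac(self.key, seq.to_bytes(4, "big") + msg)}


class Acceptor:
    def __init__(self, acceptor_subkey_required: bool):
        self.required = acceptor_subkey_required
        self.contexts = {}  # ctx id -> per-message key. Deliberately no replay cache.

    def accept(self, ap_req: dict):
        expected = _mac(SESSION_KEY, ap_req["nonce"] + ap_req["enc_subkey"])
        if not hmac.compare_digest(ap_req["mac"], expected):
            raise ValueError("bad authenticator")
        initiator_subkey = _xor(ap_req["enc_subkey"], _keystream(SESSION_KEY, b"authenticator", 32))
        acceptor_subkey = secrets.token_bytes(32)  # fresh for every accepted AP-REQ, replayed or not
        ctx_id = len(self.contexts)
        self.contexts[ctx_id] = acceptor_subkey if self.required else initiator_subkey
        ap_rep = {"enc_subkey": _xor(acceptor_subkey, _keystream(SESSION_KEY, b"ap-rep", 32))}
        return ctx_id, ap_rep

    def unwrap(self, ctx_id: int, token: dict) -> bool:
        key = self.contexts[ctx_id]
        return hmac.compare_digest(token["mic"], _mac(key, token["seq"].to_bytes(4, "big") + token["msg"]))


def replay_scenario(acceptor_subkey_required: bool):
    """Return (legit_accepted, replay_accepted) for one context plus one replayed context."""
    init, acc = Initiator(acceptor_subkey_required), Acceptor(acceptor_subkey_required)
    ap_req = init.ap_req()
    ctx, ap_rep = acc.accept(ap_req)
    init.handle_ap_rep(ap_rep)
    token = init.wrap(b"WRITE fh=1 off=0 data=...", 1)  # constructed NFS-like per-message op
    legit = acc.unwrap(ctx, token)
    # Attacker replays the captured AP-REQ and token. With no rcache the AP-REQ
    # is accepted, but the new context has a new acceptor subkey.
    replay_ctx, _ = acc.accept(ap_req)
    replayed = acc.unwrap(replay_ctx, token)
    return legit, replayed


if __name__ == "__main__":
    print("acceptor subkey required:", replay_scenario(True))   # (True, False)
    print("initiator subkey only:   ", replay_scenario(False))  # (True, True)
```

With the acceptor-asserted subkey the replayed AP-REQ buys the attacker nothing, because every subsequent message has to be protected under a key the attacker never sees, which is the property that lets a per-message protocol like NFS drop the rcache; without it the replayed context verifies the replayed token and only a replay cache would have caught it.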