Replay cache avoidance

Nico Williams nico at
Mon Sep 1 22:38:09 EDT 2014

On Mon, Sep 1, 2014 at 8:24 PM, Matt W. Benjamin <matt at> wrote:
>>    For example, NFS is such a protocol.  There's no need to use an
>>    rcache for the NFS service.
> Thank you for the confirmation.  This has come up as an issue for us with MIT Krb5.

Although you need to beware of a subtlety I only mentioned in passing:
you need to be using a "newer" enctype, which means AES or Camellia
(see RFC4121).

For enctypes prior to RFC4121 there's no requirement that the
initiator use the sub-session key asserted by the acceptor.  (I forget
if RC4 does it always, and what the interop matrix looks like for
3DES.  1DES, of course, is out.)
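A toy model of the subtlety above, added here as an illustration and not code from the thread or from MIT Krb5: it keeps only the key-selection logic (no tickets, no real enctypes, HMAC in place of the GSS MIC) and shows why a replayed AP-REQ plus its protected request is harmless when the acceptor asserts a fresh sub-session key, but is accepted when the initiator's subkey is used, which is the case an rcache exists to catch.

```python
import hmac
import hashlib
import os

# Toy model (constructed for illustration, not Kerberos or GSS code).
# An AP-REQ carries the initiator's proposed subkey; an RFC 4121-style
# acceptor ignores it and asserts its own fresh subkey for the context.

def mac(key: bytes, data: bytes) -> bytes:
    """Stand-in for a GSS MIC/wrap tag under the context key."""
    return hmac.new(key, data, hashlib.sha256).digest()


class Acceptor:
    def __init__(self, assert_subkey: bool):
        self.assert_subkey = assert_subkey  # True models AES/Camellia behaviour

    def accept(self, ap_req: dict) -> bytes:
        """Establish a context and return the key it will use."""
        if self.assert_subkey:
            # Fresh per context; a genuine initiator learns it from the
            # AP-REP, which a replaying observer cannot decrypt.
            return os.urandom(32)
        # Older behaviour: context key comes from the (replayable) AP-REQ.
        return ap_req["initiator_subkey"]

    def verify(self, ctx_key: bytes, msg: bytes, tag: bytes) -> bool:
        return hmac.compare_digest(mac(ctx_key, msg), tag)


def replay_accepted(assert_subkey: bool) -> bool:
    """Does a replay of a captured AP-REQ + protected request verify?"""
    acceptor = Acceptor(assert_subkey)
    # Legitimate exchange; everything below is what a passive observer sees,
    # except ctx_key, which the real initiator obtains from the AP-REP.
    ap_req = {"initiator_subkey": os.urandom(32)}
    ctx_key = acceptor.accept(ap_req)
    msg = b"WRITE /export/data offset=0 len=4096"  # constructed sample request
    tag = mac(ctx_key, msg)
    # Replay: the same AP-REQ and the same protected message are resent,
    # without any rcache in front of the acceptor.
    replay_key = acceptor.accept(ap_req)
    return acceptor.verify(replay_key, msg, tag)
```

With `assert_subkey=True` the replayed context has a key the replayed tag was not computed under, so the request fails verification without any replay cache; with `assert_subkey=False` it is accepted, which is why the rcache (or a newer enctype) is needed there.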
