Session Key through GSS-API

Nico Williams nico at
Tue Feb 28 15:02:37 EST 2023

On Tue, Feb 28, 2023 at 05:37:59PM +0000, Stephen Brown via krbdev wrote:
> So, the application is an odbc driver which implements the oracle
> database wire-protocol (which unfortunately is not publicly
> documented). We  have found that the session key is needed for cypher
> reinitialization at connect time when using kerberos authentication
> and "oracle advanced security" is enabled on the server. If we use the
> subkey the server is immediately killing the connection. But with the
> session key we're able to connect.

Wait, so Oracle uses the _ticket_'s session key as the session key for
its security layer??


More information about the krbdev mailing list