Session Key through GSS-API
nico at cryptonector.com
Tue Feb 28 15:02:37 EST 2023
On Tue, Feb 28, 2023 at 05:37:59PM +0000, Stephen Brown via krbdev wrote:
> So, the application is an odbc driver which implements the oracle
> database wire-protocol (which unfortunately is not publicly
> documented). We have found that the session key is needed for cypher
> reinitialization at connect time when using kerberos authentication
> and "oracle advanced security" is enabled on the server. If we use the
> subkey the server is immediately killing the connection. But with the
> session key we're able to connect.
Wait, so Oracle uses the _ticket_'s session key as the session key for
its security layer??
More information about the krbdev