Session Key through GSS-API

[Sam Hartman]

>>>>> "Nico" == Nico Williams <nico at cryptonector.com> writes:

    Nico> Wait, so Oracle uses the _ticket_'s session key as the session
    Nico> key for its security layer??

Yes, or at least this doesn't surprise me.

There's a tag in the old cvs repositories for a version of krb5 (pre
beta5)l that MIT shipped to Oracle.
I think they ended up going with some version of Cybersafe,
but their krb5 was old enough that subsession keys weren't really used.

--Sam