Session Key through GSS-API
hartmans at debian.org
Tue Feb 28 16:50:56 EST 2023
>>>>> "Nico" == Nico Williams <nico at cryptonector.com> writes:
Nico> Wait, so Oracle uses the _ticket_'s session key as the session
Nico> key for its security layer??
Yes, or at least this doesn't surprise me.
There's a tag in the old cvs repositories for a version of krb5 (pre
beta5)l that MIT shipped to Oracle.
I think they ended up going with some version of Cybersafe,
but their krb5 was old enough that subsession keys weren't really used.
More information about the krbdev