[AFS3-std] rxgk/rxgk-afs updates
Chaskiel Grundman
cg2v@andrew.cmu.edu
Tue, 5 Mar 2013 15:57:18 +0000
=0A=
> I strongly disagree here. The server should specify the identity which it=
is accepting. There have been numerous =0A=
> cross-service attacks in the past where flaws in service A can be used to=
compromise service B because they =0A=
> are both prepared to accept the same keys (not least, the original GSS ss=
h work). I would rather that we didn't =0A=
>end up being service A or service B - so I think the SHOULD NOT here is en=
tirely inappropriate.=0A=
=0A=
Really? SSH's problem was that is was susceptible to authenticator replay b=
ecause the client was not required to prove it controlled the credentials i=
t was using. rxgk is (and needs to be) resistant to authenticator replay al=
ready (because it must compute the same K0 as the server to do anything use=
ful).=