[OpenAFS] krb4 3des vulnerability
Derek Atkins
warlord@MIT.EDU
17 Mar 2003 16:46:07 -0500
You are still vulnerable, but only to those people who know the
keys to "long" principals.
-derek
Russ Allbery <rra@stanford.edu> writes:
> Brent Johnson <Brent.A.Johnson@jpl.nasa.gov> writes:
>
> > So does this mean if you're using kaserver you're vulnerable to this?
>
> > Does kaserver use 3des encryption? Is there any way to turn cross-realm
> > authentication off?
>
> My *hope* is that if you have no cross-realm keys in your kaserver you're
> not vulnerable, but that's just a guess, and I'd love to get confirmation
> of that....
>
> So far as I know, kaserver doesn't support 3DES at all.
>
> --
> Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available