[OpenAFS] OpenAFS and single DES
Tue, 18 Dec 2012 16:23:14 -0500 (EST)
Replying to a rather old mail to note new developments...
On Fri, 5 Oct 2012, Benjamin Kaduk wrote:
> On Fri, 5 Oct 2012, Booker Bense wrote:
>> On Fri, Oct 5, 2012 at 11:23 AM, Benjamin Kaduk <email@example.com> wrote:
>>> You can limit your exposure by having the afs/cell@realm principal be the
>>> only principal in the database with a single DES key. The
>>> do not need to include single-DES, and you can safely make both user
>>> principals and krbtgt/realm have no weak keys, the weak crypto will only
>>> used to obtain an afs service ticket (and the corresponding token).
>> Are you absolutely sure this is true? I have vague recollections that you
>> need single DES keys on the krbtgt key to get single DES tickets. But
>> it's late and I haven't had lunch yet so I may be misremembering.
> I am not 100% sure, no. I am actually working on a document with a procedure
> for upgrading away from single-DES, and will test it in practice during the
> course of that work. (I will send a link when it is finished.) The main
The MIT krb5-1.11 release (announced yesterday) includes a document about
how to remove or mostly remove single-DES from the realm:
There's also a document detailing the types of keys involved in a request
and how their enctypes are selected:
The second page also documents two new features relevant to this
discussion: a way to disable the formerly-implicit assumption that all
principals support des-cbc-crc, as well as a per-principal attribute to
control which enctypes are permissible for session keys in service tickets
for that principal. These features can be used to limit single-DES keys
to just the few legacy services such as AFS which require them.