[2640] in Kerberos
Re: Can master key be changed?
daemon@ATHENA.MIT.EDU (Jon A. Rochlis)
Mon Mar 22 19:29:12 1993
Date: Mon, 22 Mar 93 16:17:41 EST
From: jon@MIT.EDU (Jon A. Rochlis)
To: Theodore Ts'o <tytso@MIT.EDU>
Cc: kerberos@MIT.EDU
> Date: Fri, 19 Mar 93 16:04:01 -0500
> From: Theodore Ts'o <tytso@Athena.MIT.EDU>
> To: Steve Lunt <lunt@ctt.bellcore.com>
> Cc: kerberos@Athena.MIT.EDU
>
> We've never used the feature in production, so I had forgotten that we
> had actually implemented it.
Actually we have used it in production, but it was while you were busy
being a student. I wrote (I think) the code specifically so we could
change the master key (in 1988 perhaps) since at that point it hadn't
been changed since the early development days and we were trying to
clean things up given a vague rumor about some vulnerability somebody
had discovered.
-- Jon
