[2662] in Kerberos
Re: Prerelease of revision 5.2 of the Kerberos V5 draft
daemon@ATHENA.MIT.EDU (Ganesan)
Mon Apr 12 17:18:14 1993
From: bf4grjc@socrates.MIT.EDU (Ganesan)
To: bcn@ISI.EDU (Clifford Neuman)
Date: Mon, 12 Apr 1993 16:59:23 -0500 (EDT)
Cc: kerberos@Athena.MIT.EDU
In-Reply-To: <9303301732.AA13940@tgo.isi.edu> from "Clifford Neuman" at Mar 30, 93 09:32:21 am
Reply-To: bf4grjc@bell-atl.com
Cliff,
Some minor comments on your draft:
1) Environmental assumptions: Recommend mentioning vulnerability to
dictionary attacks. This IS mentioned and emphasized in body of
document but it is useful to mention it upfront.
Recommend mentioning that it is NOT recommended that the protocol
be used for initial user-host authentication AS-IS.
2) Glossary (I'm nit picking here):
Dislike the way you define plaintext. If I re-encrypt an encrypted message
and then decrypt, I dont really get back "plaintext", as your definition
would suggest. Plaintext should be used for natural languages, numbers,
something with structure, as opposed to good ciphertext which diffuses
structure into randomness.
3) Recommend protocol contain (or at least recommend) a user-host
authentication protocol. As I've said before, by not doing this
we are guaranteed to end up with kinit's stuffed into logins sold to
unsuspecting users.
4) Key: Your definition of key sort of gives the impression of a single
entity. WHat if I had a cryptosystem that required six keys? Maybe
6 12 bit keys. The logical entity "key" could contain these six
distinct physical entities. SO maybe the key is not one "field".
THis could be 'fixed' by making the 'octet string' keyvalue[1] in
6.2 a linked list or two dimensional array with optionally many keys.
5) Encryption Systems: Not sure of the motivation behind REQUIRING DES
support. Returning "Unrecognized encryption type" should be fine if
a system chooses not to support DES. Similar comments for Checksums.
I guess it defines on how you define interoperability, but if I talk
to a Kerberos server that does not do DES, and it tells me so,
POLITELY, then to my mind they are interoperating. Of-course you cant
use that server but thats a different problem - not an interoperability
issue.
Great work!
Ravi
--
*******************************************************************************
Ravi Ganesan e-mail: ravi@socrates.bell-atl.com
IS SAS Corporate Network Planning v-mail: (301) 595-8439
Bell Atlantic Fax: (301) 595-1341
Note: If your e-mail reply to me bounces, try sending it explicitly to
ravi@socrates.bell-atl.com instead of using the 'reply' feature.
******************************************************************************
--
*******************************************************************************
Ravi Ganesan e-mail: ravi@socrates.bell-atl.com
IS SAS Corporate Network Planning v-mail: (301) 595-8439
Bell Atlantic Fax: (301) 595-1341
Note: If your e-mail reply to me bounces, try sending it explicitly to
ravi@socrates.bell-atl.com instead of using the 'reply' feature.
******************************************************************************
