[20412] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Session Key through GSS-API

daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Feb 28 16:52:24 2023

From: Sam Hartman <hartmans@debian.org>
To: Nico Williams <nico@cryptonector.com>,
        Stephen Brown
 <Stephen.Brown@progress.com>
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
In-Reply-To: <Y/5d3SM3U1gpxYmn@gmail.com>
Date: Tue, 28 Feb 2023 21:50:56 +0000
Message-ID: <010001869a01d329-16b0eacb-1d10-4a84-b78c-dda122519af2-000000@email.amazonses.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

>>>>> "Nico" == Nico Williams <nico@cryptonector.com> writes:

    Nico> Wait, so Oracle uses the _ticket_'s session key as the session
    Nico> key for its security layer??

Yes, or at least this doesn't surprise me.

There's a tag in the old cvs repositories for a version of krb5 (pre
beta5)l that MIT shipped to Oracle.
I think they ended up going with some version of Cybersafe,
but their krb5 was old enough that subsession keys weren't really used.

--Sam
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20412] in Kerberos_V5_Development

Re: Session Key through GSS-API

daemon@ATHENA.MIT.EDU (Sam Hartman)Tue Feb 28 16:52:24 2023

daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Feb 28 16:52:24 2023