[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sam Hartman <email@example.com>] Re: Interoperability betweenMIT and Heimdal wrt to MIC verification?
Hi. There has been a bit of discussion on firstname.lastname@example.org about a bug
reported by Olaf Kirch <email@example.com> in Heimdal's handling of get_mic
for the 3des GSSAPI support.
Some MIT users were running into the problem and we wanted to look at
whether we could add compatibility. We decided against.
-----BEGIN PGP SIGNED MESSAGE-----
I've looked at the patch supplied and apparently what is happening is
that Heimdal does not use an IV for the sequence number in 3des MICs.
Unfortunately, the IV is part of the security of an RFC 1964 GSSAPI
mechanism's sequence number. The IV binds the sequence number to the
packet checksum to prevent an attacker from glueing a sequence number
from one packet into another. Without this binding, GSSAPI's replay
detection is broken.
As such, The MIT Kerberos Team has decided not to implement
compatibility in our gss_verify_mic with the current Heimdal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>
-----END PGP SIGNATURE-----
krbdev mailing list firstname.lastname@example.org