[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: heimdal and replay cache



On Tue, Mar 25, 2003 at 12:48:25AM -0800, Frank Cusack wrote:
> > 
> > On Thu, Aug 22, 2002 at 04:21:25PM +0200, Daniel Kouril wrote:
> > > On Thu, Aug 22, 2002 at 10:12:28AM -0400, Ken Hornstein wrote:
> > > > 
> > > > I sure hope your Kerberos implementation includes a replay cache
> > > 
> > > To quote from Heimdal's TODO:
> > > "the replay cache is, in its current state, not very useful"
> 
> I've not heard any response to this and am very curious.  Can someone
> shed any light on the situation?

It's been days (2 days for this, 2 weeks since my earlier email) and
there's been no response.  Digging through and comparing some bits
against MIT, I've found some very nice things in heimdal, but I really
wonder, how can anyone be using this if a security critical question
cannot be answered in a timely fashion?  I guess there are only 4
developers and so I understand time is short, but I don't think my
question is one that should go unanswered.

Thanks for any guidance,
/fc