[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Propagating MIT-Kerberos Database to Heimdal KDC



Friedrich Delgado Friedrichs <delgado@cert.dfn.de> writes:

As I suspected, MIT uses 0 for the key-usage, while we use
0x484442. Either we need a way to specify the usage, or we need to
decrypt directly in the mit-dump case. I don't know which I prefer.

> But does the MIT stash file work with heimdal? The postings I found
> seemed to imply this, that's why I tried to use it.

We read all sorts of formats.

> My first mail describes the steps I made to convert the MIT database
> to heimdal. Would you say my approach was correct?

Yes.

> Can you give a step-by-step account of how to convert a MIT database
> to heimdal?

Well pretty much what you did. Dump the MIT database, and use hprop to
convert it. This apparently doesn't work with DES3 encrypted keys.

> Hm, since heimdal seems to be a university project, the lack of
> documentation puzzles me. Has all the documentation (design,
> planning, implementation) been written in swedish?

Well while partly funded by a university, I wouldn't call it a
university project, if you by that mean that there were lots of
planning and applications for money. Simply put, we needed Kerberos 5,
and decided to write our own.

As far as I know everything is written in English. We do lack in
documentation, but having to chose between code and documentation I
much rather write (and have) code.

/Johan