[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Exporting gssapi context, take two

To: Sam Hartman <hartmans@mit.edu>
Subject: Re: Exporting gssapi context, take two
From: Kevin Coffman <kwc@citi.umich.edu>
Date: Fri, 16 Apr 2004 13:51:13 -0400
Cc: kwc@citi.umich.edu, krbdev@mit.edu, nfsv4-wg@citi.umich.edu, heimdal-discuss@sics.se
In-Reply-To: Message from Sam Hartman <hartmans@mit.edu> of "Fri, 16 Apr 2004 13:11:14 EDT." <tsl65bzonkd.fsf@konishi-polis.mit.edu>
Sender: owner-heimdal-discuss@sics.se

> The only problem I see with this proposal is that CFX does not have
> two keys for signing and sealing.  It has one context key and
> potentially one acceptor subkey.  Besides that, this proposal looks
> good to me.

My intention was to make it simple for the calling code and simply
return the derived keys to be used for signing and sealing --
whether they are derived from the context/session key or subkey.
Am I misunderstanding how this works?

Follow-Ups:
- Re: Exporting gssapi context, take two
  - From: Sam Hartman <hartmans@mit.edu>

References:
- Re: Exporting gssapi context, take two
  - From: Sam Hartman <hartmans@mit.edu>

Prev by Date: Re: Exporting gssapi context, take two
Next by Date: Re: Exporting gssapi context, take two
Prev by thread: Re: Exporting gssapi context, take two
Next by thread: Re: Exporting gssapi context, take two
Index(es):
- Date
- Thread