[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Exporting gssapi context, take two
> The only problem I see with this proposal is that CFX does not have
> two keys for signing and sealing. It has one context key and
> potentially one acceptor subkey. Besides that, this proposal looks
> good to me.
My intention was to make it simple for the calling code and simply
return the derived keys to be used for signing and sealing --
whether they are derived from the context/session key or subkey.
Am I misunderstanding how this works?