[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kerberos/LDAP/SASL central authentication server howto

To: Nikola Milutinovic <Nikola.Milutinovic@ev.co.yu>
Subject: Re: Kerberos/LDAP/SASL central authentication server howto
From: Andreas <andreas@conectiva.com.br>
Date: Tue, 10 Aug 2004 09:41:32 -0300
Cc: tarjei@nu.no, heimdal-discuss@sics.se, Info-cyrus <info-cyrus@lists.andrew.cmu.edu>
In-Reply-To: <41188D43.70107@ev.co.yu>
References: <200408081229.i78CTGTN024320@brev.sics.se> <1092037347.6155.35.camel@linux.site> <amu0vc1z11.fsf@nutcracker.stacken.kth.se> <1092055101.4117703db027a@mail.nu.no> <20040809175927.GN2672@conectiva.com.br> <1092125626.6111.50.camel@linux.site> <41188D43.70107@ev.co.yu>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mutt/1.5.5.1i

On Tue, Aug 10, 2004 at 10:54:27AM +0200, Nikola Milutinovic wrote:
> >>SASL SSF: 56  <---------- encrypted channel (only 56 bits though)
> 
> No. It simply means that authentication type is of SSF (Security 
> Strength Factor) 56. I'm not sure if the SSF has anything to do with 
> number of bits used as (some) private key length. Anyway, this is saying 
> nothing about the rest of the communication, just the authentication part.

I was just sparing you from a tcpdump packet trace. But here it goes (this one using
mutt and sasl-gssapi).
See the "privacy protection"?

Sorry for the binary blurb at the end.

* OK pandora.conectiva Cyrus IMAP4 v2.2.8 server ready
1 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LOGINDISABLED AUTH=GSSAPI AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
1 OK Completed
2 AUTHENTICATE GSSAPI
+ 
YIICMgYJKoZIhvcSAQICAQBuggIhMIICHaADAgEFoQMCAQ6iBwMFACAAAACjggExYYIBLTCCASmgAwIBBaESGxBESVNUUk8uQ09ORUNUSVZBoiQwIqADAgEDoRswGRsEaW1hcBsRcGFuZG9yYS5jb25lY3RpdmGjgecwgeSgAwIBEKEDAgEDooHXBIHUFRLqwm0S8NvPFbNNcHsv+TkH+MOSWM/gQB0D9QhG0q/8UrSIY47v2ddafrwUhV0pP64imgaK2QodJGM7e7uiraBP4fjxIhkmp8AifFoCYv4GJomMNic89S/4sO0s0LXsjaax8qDBFYwgTlmdkd+wNh7W5QJlT6oiyEUIp2Qfg2fN0C5hmn9kCvrHxqN8/B8b5tRDRK4dyruVhG4qichel/aiCDAdvUK0+yDyjpHBy7dwQ1mZ/UnRKYh0eGZxn5jrBcrHFzuMn5dYt+zyS6+zl/eg8M+kgdIwgc+gAwIBEKKBxwSBxPVAQ4YC+BNrVOc6ERH8jX2M4JrdFtTPkh92K+PQsitpyssAyBvvZVWUwgpq+cBLThhHKqpNWz7HND5yNk5QxStoMgRZDqNyY+fzBRbYrHA569DpeYZ32fm+sJrdTU5XD+sRcm1BZcqTw+qHFYJre2okBCj6WA2ji9llxKvGzI4U3AS6CR9OnnwWqGKBG3Dic0l76Bo8AKmeC94pU14jE1HndCyENYJ+cr3Wz/R9JI4O1wH8bBcXlFiUJJkqnRqp5eRQn3U=
+ YIGWBgkqhkiG9xIBAgICAG+BhjCBg6ADAgEFoQMCAQ+idzB1oAMCARCibgRs33FmHxLpql2QM5nCpZWkLv725MaXy78uiUI3JO4ZIv5FY97wGCohikmOY9YsIIYQqrpg1MLDoUTI8ZrrrDNjS54lGZG8KxQG2UIN+4OxMGXbY9ptv8BmcOh51uJbl2+jf1UJkGV65OdSm2hG

+ YD8GCSqGSIb3EgECAgIBBAD/////VZ1qfP0lGVCKb5f5QwnxKOoH1iFOq9KClEeAS1/DzkzoOnQsBwAQAAQEBAQ=
YD8GCSqGSIb3EgECAgIBBAD/////KYVa9h2IOIA3BC9eGMQ7ox4doJ/2Za9dew7olCCdX9oQA3PjBAAQAAQEBAQ=
2 OK Success (privacy protection)

(...)

Follow-Ups:
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Andreas <andreas@conectiva.com.br>

References:
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Markus Moeller <huaraz@moeller.plus.com>
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Tarjei Huse <tarjei@nu.no>
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Love <lha@stacken.kth.se>
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Tarjei Huse <tarjei@nu.no>
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Andreas <andreas@conectiva.com.br>
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Tarjei Huse <tarjei@nu.no>
- Re: Kerberos/LDAP/SASL central authentication server howto
  - From: Nikola Milutinovic <Nikola.Milutinovic@ev.co.yu>

Prev by Date: Re: Kerberos/LDAP/SASL central authentication server howto
Next by Date: Re: Kerberos/LDAP/SASL central authentication server howto
Prev by thread: Re: Kerberos/LDAP/SASL central authentication server howto
Next by thread: Re: Kerberos/LDAP/SASL central authentication server howto
Index(es):
- Date
- Thread