RFC 6542 adopted by MIT krb5?

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

RFC 6542 adopted by MIT krb5?

Weijun Wang
We (Java team at Oracle) are going through weak algorithms in all our code and noticed our krb5 GSS-API mech is using MD5 in channel binding. I noticed RFC 6542 already updated it. Does MIT krb5 support it?

src/lib/gssapi/krb5/util_cksum.c has

  /* Checksumming the channel bindings always uses plain MD5.  */
  krb5_error_code
  kg_checksum_channel_bindings(context, cb, cksum)

Is that comment still precise? I tried to search for RFC 6542 site:mit.edu and also found nothing.

Thanks
Max


_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6542 adopted by MIT krb5?

Greg Hudson
On 10/15/2015 04:00 AM, Wang Weijun wrote:
> We (Java team at Oracle) are going through weak algorithms in all our code and noticed our krb5 GSS-API mech is using MD5 in channel binding. I noticed RFC 6542 already updated it. Does MIT krb5 support it?

To the best of my knowledge, we haven't implemented it yet.
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6542 adopted by MIT krb5?

Weijun Wang

> On Oct 16, 2015, at 2:00 AM, Greg Hudson <[hidden email]> wrote:
>
> On 10/15/2015 04:00 AM, Wang Weijun wrote:
>> We (Java team at Oracle) are going through weak algorithms in all our code and noticed our krb5 GSS-API mech is using MD5 in channel binding. I noticed RFC 6542 already updated it. Does MIT krb5 support it?
>
> To the best of my knowledge, we haven't implemented it yet.

Is there a plan?

The TLS guys in our team are talking about removing SHA-1 and I am asked what we can do on Kerberos. I said we only need for a little while because the SHA-2 related etypes are already in an IETF draft. And then I notice we are still using MD5. :-(

--Max


_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6542 adopted by MIT krb5?

Benjamin Kaduk-2
On Thu, 15 Oct 2015, Wang Weijun wrote:

>
> The TLS guys in our team are talking about removing SHA-1 and I am asked
> what we can do on Kerberos. I said we only need for a little while
> because the SHA-2 related etypes are already in an IETF draft. And then
> I notice we are still using MD5. :-(

It will be more than "a little while" before the SHA-2 enctypes are widely
deployed, I fear.  Of course, the SHA-1 ones use HMAC-SHA1, but it is
harder to convince people that HMAC is different than to have an
alternative deployed.

-Ben
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev