[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: heimdal and replay cache

To: heimdal-discuss <heimdal-discuss@sics.se>
Subject: Re: heimdal and replay cache
From: Frank Cusack <fcusack@fcusack.com>
Date: Thu, 27 Mar 2003 13:15:16 -0800
In-Reply-To: <20030325004825.D30083@google.com>; from fcusack@fcusack.com on Tue, Mar 25, 2003 at 12:48:25AM -0800
References: <20030325004825.D30083@google.com>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mutt/1.2.5.1i

On Tue, Mar 25, 2003 at 12:48:25AM -0800, Frank Cusack wrote:
> > 
> > On Thu, Aug 22, 2002 at 04:21:25PM +0200, Daniel Kouril wrote:
> > > On Thu, Aug 22, 2002 at 10:12:28AM -0400, Ken Hornstein wrote:
> > > > 
> > > > I sure hope your Kerberos implementation includes a replay cache
> > > 
> > > To quote from Heimdal's TODO:
> > > "the replay cache is, in its current state, not very useful"
> 
> I've not heard any response to this and am very curious.  Can someone
> shed any light on the situation?

It's been days (2 days for this, 2 weeks since my earlier email) and
there's been no response.  Digging through and comparing some bits
against MIT, I've found some very nice things in heimdal, but I really
wonder, how can anyone be using this if a security critical question
cannot be answered in a timely fashion?  I guess there are only 4
developers and so I understand time is short, but I don't think my
question is one that should go unanswered.

Thanks for any guidance,
/fc

References:
- heimdal and replay cache
  - From: Frank Cusack <fcusack@fcusack.com>

Prev by Date: Bad encryption length, other problems with 0.5+
Next by Date: Re: Bad encryption length, other problems with 0.5+
Prev by thread: heimdal and replay cache
Next by thread: Re: heimdal and replay cache
Index(es):
- Date
- Thread