[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kerberos decryption and Ethereal, help requested



>> Is usage always 2 when decrypting the blob inside a ticket or is usage
only
>> 2 when decrypted this blob inside a ticket inside a TGS-REP pdu?
>>
>> How do I figure out what usage should be?
>> (I was told it was the MSG Type but that was apparently incorrect)
>
>The keyusage is diffrent for diffrent encrypted blobs. See section 7.5.1 in
>draft-ietf-krb-wg-kerberos-clarifications-05.txt for when they are used.

Thanks for the pointer it is all clear now. I hope you will enjoy this
support in ethereal when it gets ready
sometime in the future.



Three final questions (for now)
1, I downloaded the latest snapshot, recompiled, and everything in your
example you sent me previously worked.
Ill go with this now to start embedding it into ethereal.
But since this uses an API not present in the current release of Heimdal but
in the upcoming 0.7 release,
is it known when 0.7 will be released?


2, Are there any differences between MIT and Heimdal kerberos on what
transforms are supported?
Do Heimdal support all encryption types MIT support or a subset?
In particular   do heimdal support RC4-HMAC ?   Encryption type 23   ?
RC4-HMAC is very important to me.


3, Are there any plans to make the libraries I need for this available on
the Win32 platform?
Afaict heimdal is only available on un*x systems?



(4, I have still failed to get the MIT code to work, mainly due to my
ignorance on how it works. I would really like to be able to make
ethereal support either implementation and not force policy onto the users
but that is a question for a different mailinglist)


best regards
    ronnie sahlberg


----- Original Message ----- 
From: "Love"
Sent: Tuesday, February 24, 2004 3:50 PM
Subject: Re: Kerberos decryption and Ethereal, help requested