Re: Heimdal 0.6.1 + 0.5.3
"Henry B. Hotz" <hotz@jpl.nasa.gov> writes:
> Always nice to see new releases.
We should just try to do them more often.
> arcfour == rc4 == Windows encryption == Luke Howard's rc4 patch?
I suppose it's a major component. Love will have to answer this.
> This sounds a lot like the Kerb 4 cross-realm vulnerability. Is it?
> Or is it a new relative of it that applies to Kerb 5?
It's not really related to the krb4 thing, but the end result is
similar.
> Been meaning to check this: if you expire the password, expire the
> principal, or delete the principal does it prevent renewal? I hope at
> least one of those does.
You can set the invalid flag, deny the rights to be a client, expire
it or its password, but it will not work to delete it, which I suppose
should be fixed too.
/Johan