[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Exporting gssapi context, take two



On Fri, Apr 16, 2004 at 01:58:25PM -0400, Sam Hartman wrote:
> >>>>> "Kevin" == Kevin Coffman <kwc@citi.umich.edu> writes:
> 
>     >> The only problem I see with this proposal is that CFX does not
>     >> have two keys for signing and sealing.  It has one context key
>     >> and potentially one acceptor subkey.  Besides that, this
>     >> proposal looks good to me.
> 
>     Kevin> My intention was to make it simple for the calling code and
>     Kevin> simply return the derived keys to be used for signing and
>     Kevin> sealing -- whether they are derived from the
>     Kevin> context/session key or subkey.  Am I misunderstanding how
>     Kevin> this works?
> 
> 
> Yes, it doesn't work that way at all.
> 
> I also disagree somewhat with trying to make it easier for the calling
> code.  I'd rather simply export the minimum protocol quantities for
> the calling code to do its job.

I'm not sure I'm entirely on top of this either, but for Samba's
purposes, we need the local and remote subkeys (whatever they are, I'm
not a krb5 guru, I just know what we have in our code).  This is
because that's what MS uses, for things like SMB signing, and many
other SMB and MSRPC protocl details.  These are done on the 'master
key', not the signing or sealing subkeys, I think.  (And that is
also how it is described for NTLMSSP)

Andrew Bartlett