[Freeipa-devel] Fwd: [openssl-users] removing Kerberos support from OpenSSL
Nathaniel McCallum
npmccallum at redhat.com
Mon May 11 16:51:23 UTC 2015
Nico Williams has made an interesting proposal on this topic:
http://marc.info/?l=openssl-users&m=143136162429551&w=2
It is probably worth discussing.
On Mon, 2015-05-11 at 10:09 -0400, Nathaniel McCallum wrote:
> Yes and no.
>
> The current Kerberos support is insecure and should not be used. The main
> problem is that the session key is reused for all TLS connections. This
> prevents perfect forward secrecy.
>
> That being said, we have been toying around with the idea of making a new
> standard for GSSAPI/TLS which uses a DH or a PAKE to ensure that both
> sides contribute entropy to a random encryption key.
>
> However, we have to get some of the other standards work off our plates
> before we can tackle such a large task.
>
> In short: existing Kerberos support should be removed from OpenSSL.
>
> Nathaniel
>
> On Tue, 2015-05-05 at 14:44 +0200, Petr Spacek wrote:
> > Hello!
> >
> > Is this somehow interesting for us?
> >
> > Petr^2 Spacek
> >
> >
> > -------- Forwarded Message --------
> > Subject: [openssl-users] Kerberos
> > Date: Tue, 05 May 2015 09:21:28 +0100
> > From: Matt Caswell <matt at openssl.org>
> > Reply-To: openssl-users at openssl.org
> > To: openssl-users at openssl.org, openssl-dev at openssl.org
> >
> > I am considering removing Kerberos support from OpenSSL 1.1.0. There are
> > a number of problems with the functionality as it stands, and it seems
> > to me to be a very rarely used feature. I'm interested in hearing any
> > opinions on this (either for or against).
> >
> > Thanks in advance for your input,
> >
> > Matt
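The forward-secrecy point made in the thread, as an added illustration that is not part of the discussion and not OpenSSL or FreeIPA code: a traffic key derived only from the Kerberos ticket session key is identical for every connection, whereas mixing in a per-connection ephemeral DH secret gives each connection its own key. The group parameters, the key-derivation labels and the function names are constructed for this example; the 127-bit group is far too small for real use.

```python
import hashlib
import secrets

# Toy group constructed for an offline demo only: p = 2**127 - 1 is prime
# but far too small for real use (a real deployment would use a 2048-bit
# MODP group or an elliptic curve); the generator is likewise just a demo value.
P = 2**127 - 1
G = 3

def kdf(*parts: bytes) -> bytes:
    """Derive a 32-byte traffic key from the concatenated inputs."""
    return hashlib.sha256(b"".join(parts)).digest()

def legacy_session_key(krb_session_key: bytes) -> bytes:
    """Models the criticised design: the ticket session key is the only
    secret, so every connection under that ticket gets the same traffic key,
    and anyone who later learns the ticket key can decrypt all recorded
    connections (no forward secrecy)."""
    return kdf(b"tls-traffic", krb_session_key)

def dh_keypair():
    """Fresh ephemeral exponent and public value for a single connection."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)

def dh_shared(own_priv: int, peer_pub: int) -> bytes:
    """Raw DH shared secret; the result is below P, so it fits in 16 bytes."""
    return pow(peer_pub, own_priv, P).to_bytes(16, "big")

def pfs_session_key(krb_session_key: bytes, own_priv: int, peer_pub: int) -> bytes:
    """Direction proposed in the thread: mix the ticket key with an ephemeral
    DH secret so both sides contribute entropy and each connection's key is
    unique and not recoverable from the ticket key alone."""
    return kdf(b"tls-traffic", krb_session_key, dh_shared(own_priv, peer_pub))

def run_connection(krb_session_key: bytes):
    """One client/server handshake; returns (client_key, server_key)."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    return (pfs_session_key(krb_session_key, c_priv, s_pub),
            pfs_session_key(krb_session_key, s_priv, c_pub))

if __name__ == "__main__":
    ticket_key = secrets.token_bytes(32)  # constructed stand-in for a ticket session key
    k1, k2 = run_connection(ticket_key), run_connection(ticket_key)
    print("legacy key repeats:", legacy_session_key(ticket_key) == legacy_session_key(ticket_key))
    print("sides agree:", k1[0] == k1[1] and k2[0] == k2[1], "| keys differ:", k1[0] != k2[0])
```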