Kerberos WG (krb-wg)

Ken Raeburn | 1 Oct 2002 17:07

Picon

Re: KRB-WG Interim Meeting Tommorrow

Simon Josefsson <simon+ietf-krb-wg <at> josefsson.org> writes:
> I have some on draft-ietf-krb-wg-crypto-01.txt.  I hope that draft is
> part of Clarifications, if not please ignore this.

Yes, and I meant to reply to your earlier email to me on these.

I think I've incorporated all your changes at this point, and they're
in the new draft I submitted this morning (copy also at
www.mit.edu/~raeburn/kcrypto.txt), although I haven't rebuilt my test
code to confirm the error in the string-to-key test vectors.

Thanks for sending them in!  I'm glad to see someone other than me is
actually looking at the crypto draft. 

Ken

P.S.  The new draft also has added hooks in the simplified profile to
support truncated HMACs (see RFC 2104 section 5) and cipher text
stealing, for use in AES.  The updated AES draft will be coming out a
little later.

crawdad+gridsec | 1 Oct 2002 20:34

Re: [security-wg] Re: bridging of Kerberos realms

> As Derek pointed out, this then is a problem of determine the path to use
> between the three realms. U determines that to get to R, it needs to get a
> TGT from X for B, then gets a TGT from B to Y. 
> 
> All this code is in place, including the [capath] section. (That's
> Configurable Authentication path) which could define X->B->Y as the path.

Hm.  That could easily go into DNS.  At least, less easily than the
name of the host's realm and locations of the realm's KDCs.
Something like:

FOREIGN-REALM._kerberos.LOCAL-REALM. TXT "TRANSIT-REALM-1" "TRANSIT-REALM-2"
				     TXT "TRANSIT-REALM-1a" "TRANSIT-REALM-2b"

I've illustrated an uglier-than-normal case there the client has a
choice of going by either of two three-step paths.

Douglas E. Engert | 1 Oct 2002 22:28

Re: [security-wg] Re: bridging of Kerberos realms

BUT Then you are trusting DNS to tell you what realms can be in the trust
path, and no way to verifiy that this is correct.     

crawdad+gridsec <at> fnal.gov, crawdad+krb-wg <at> gungnir.fnal.gov wrote:
> 
> > As Derek pointed out, this then is a problem of determine the path to use
> > between the three realms. U determines that to get to R, it needs to get a
> > TGT from X for B, then gets a TGT from B to Y.
> >
> > All this code is in place, including the [capath] section. (That's
> > Configurable Authentication path) which could define X->B->Y as the path.
> 
> Hm.  That could easily go into DNS.  At least, less easily than the
> name of the host's realm and locations of the realm's KDCs.
> Something like:
> 
> FOREIGN-REALM._kerberos.LOCAL-REALM. TXT "TRANSIT-REALM-1" "TRANSIT-REALM-2"
>                                      TXT "TRANSIT-REALM-1a" "TRANSIT-REALM-2b"
> 
> I've illustrated an uglier-than-normal case there the client has a
> choice of going by either of two three-step paths.

--

-- 

 Douglas E. Engert  <DEEngert <at> anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (630) 252-5444

(Continue reading)

crawdad+gridsec | 1 Oct 2002 22:36

Re: [security-wg] Re: bridging of Kerberos realms

I would never trust DNS that far!  I was just thinking of helping the
client.  The service's realm's KDC and/or the service itself should
still make whatever checks they deem necessary.

> BUT Then you are trusting DNS to tell you what realms can be in the trust
> path, and no way to verifiy that this is correct.     
> > ...
> > Hm.  That could easily go into DNS.  At least, no less easily than the
> > name of the host's realm and locations of the realm's KDCs.

Douglas E. Engert | 1 Oct 2002 23:13

Re: [security-wg] Re: bridging of Kerberos realms


crawdad+gridsec <at> fnal.gov, crawdad+krb-wg <at> gungnir.fnal.gov wrote:
> 
> I would never trust DNS that far!  I was just thinking of helping the
> client.  The service's realm's KDC and/or the service itself should
> still make whatever checks they deem necessary.

But you also don't want the client delegating to the wrong service. 
If the client can't trust the path, this can happen too.

> 
> > BUT Then you are trusting DNS to tell you what realms can be in the trust
> > path, and no way to verifiy that this is correct.
> > > ...
> > > Hm.  That could easily go into DNS.  At least, no less easily than the
> > > name of the host's realm and locations of the realm's KDCs.

--

-- 

 Douglas E. Engert  <DEEngert <at> anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (630) 252-5444

Douglas E. Engert | 1 Oct 2002 23:21

Updates for KRB-WG Clarifications

During the interim meeting today the http://www.kerberos.isi.edu/
page has had major updates.  Please review these tonight and get
comments with section numbers to the list be tomorrow morning. 

--

-- 

 Douglas E. Engert  <DEEngert <at> anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (630) 252-5444

Lawrence Greenfield | 1 Oct 2002 22:10

Picon

section 1.2

If I can decipher the web page to understand what's the latest and
greatest up to the minute draft, I just wanted to say I'm very happy
with what I see as section 1.2 right now.

That's
<http://www.isi.edu/people/bcn/krb-revisions/krbclar1-3.html>

It addresses all of my concerns with previous text/footnotes.

thanks,
Larry

Douglas E. Engert | 2 Oct 2002 14:31

Editing and content comments + Security concern

3.1.3 p3  "If there is more than one supported strong encryption type in the etype 
           list, the first valid etype..." Should it read the first strong valid etype..."

3.1.5 p2 " user user "

3.3.1 p2 Using a network service to obtain the configuration path could be a point of
attack,
if the network service was to return a path which was not the "correct" path. This could
lead
a valid KDC but one not on the correct path to substitute its own path to the expect
expected,
realm, so it can impersonate a host, so as to obtain a forward credential of a user. 
For example, A, B, C and H are realms. B shared keys with a A, C and H. user <at> A wants to get
to
server <at> C. Hackers control DNS, which might be used as the network service. Network service
should return path as A, B, C, but returns A, B, H, C. H and DNS then routes the user to 
a dummy realm C, which returns dummy server <at> C. User then forwards TGT to the dummy server.
which is then used to attack impersonate the user in any realm.  
Moral of the story: User must trust the network service to return valid path. 
Because of section 3.3.3 p2 "closest" This attack may only work if clint  had contacted a 
service in H first, and had a TGT for H, and thought the path to C was via H.   

 
3.4.1 "Transfer interrupted"...

--

-- 

 Douglas E. Engert  <DEEngert <at> anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue

(Continue reading)

crawdad+gridsec | 1 Oct 2002 23:58

Re: [security-wg] Re: bridging of Kerberos realms

> > I would never trust DNS that far!  I was just thinking of helping the
> > client.  The service's realm's KDC and/or the service itself should
> > still make whatever checks they deem necessary.
> 
> But you also don't want the client delegating to the wrong service. 
> If the client can't trust the path, this can happen too.

Ah, I see I still don't have the griddish "of course you always
delegate" mindset ... even though I usually do delegate.

OK, it can stay in [capaths], although shorter realm paths are of
course better.  (Ever try to convince yourself to trust a PGP key
five "handshakes" from your own?  Then you know the feeling.)

Douglas E. Engert | 2 Oct 2002 14:31

Security concerns list


  3.1  Use preauth...

  3.1.2 Use replay cache

  3.1.5 For login, get TGT, and get server ticket for host

--

-- 

 Douglas E. Engert  <DEEngert <at> anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (630) 252-5444

Group

gmane.ietf.krb-wg.

Search Archive

Page

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11

Articles in period: 101

October 2002

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Test of auto response2 (25 Mar 2013)
Test of auto response (25 Mar 2013)
I-D Action: draft-ietf-krb-wg-cammac-04.txt (26 Feb 2013)
[kitten] Kitten and Kerberos WG Merger - New Charter (6 Jan 2013)
Kitten and Kerberos WG Merger - New Charter (5 Jan 2013)
RFC 6806 on Kerberos Principal Name Canonicalization and Cross-Realm R (1 Dec 2012)
Kerberos for Android available (19 Nov 2012)
Meetecho session recording (9 Nov 2012)
Kerberos error code 82 conflict in draft-ietf-krb-wg-pkinit-alg-agilit (6 Nov 2012)
Please Welcome Simon Josefsson to the kitten leadership team (23 Oct 2012)
Fwd: New Version Notification for draft-burgin-kerberos-aes-cbc-hmac-s (19 Oct 2012)
Fwd: New Version Notification for draft-burgin-kerberos-suiteb-01.txt (19 Oct 2012)
I-D Action: draft-ietf-kitten-kerberos-iana-registries-00.txt (16 Oct 2012)
Protocol Action: 'Kerberos Principal Name Canonicalization and KDC-Gen (1 Oct 2012)
referrals: change in iesg processing (26 Sep 2012)
[secdir] SecDir review of draft-ietf-krb-wg-kerberos-referrals-14 (25 Sep 2012)
I-D Action: draft-ietf-krb-wg-kerberos-referrals-15.txt (23 Sep 2012)
Call for Volunteers: Adding Energy to the WG (23 Sep 2012)
AD review of draft-ietf-krb-wg-kerberos-referrals-14 (13 Sep 2012)
Last Call: (Camellia Encryptio (12 Sep 2012)
Fwd: New Version Notification for draft-perez-krb-wg-gss-preauth-02.tx (11 Sep 2012)

Archives

2	March 2013
1	February 2013
2	January 2013
1	December 2012
9	November 2012
13	October 2012
23	September 2012
21	August 2012
17	July 2012
94	June 2012
8	May 2012
28	April 2012
70	March 2012
149	February 2012
17	January 2012
23	December 2011
69	November 2011
56	October 2011
38	September 2011
84	August 2011
183	July 2011
93	June 2011
165	May 2011
49	April 2011
55	March 2011
32	February 2011
56	January 2011
49	December 2010
43	November 2010
170	October 2010
46	September 2010
83	August 2010
35	July 2010
12	June 2010
99	May 2010
13	April 2010
52	March 2010
16	February 2010
5	January 2010
21	December 2009
36	November 2009
122	October 2009
81	September 2009
44	August 2009
97	July 2009
102	June 2009
56	May 2009
64	April 2009
223	March 2009
24	February 2009
45	January 2009
60	December 2008
63	November 2008
18	October 2008
54	September 2008
140	August 2008
87	July 2008
4	June 2008
2	May 2008
21	April 2008
17	March 2008
32	February 2008
50	January 2008
62	December 2007
54	November 2007
41	October 2007
6	September 2007
52	August 2007
57	July 2007
37	June 2007
42	May 2007
35	April 2007
66	March 2007
13	February 2007
10	January 2007
6	December 2006
19	November 2006
24	October 2006
73	September 2006
46	August 2006
29	July 2006
47	June 2006
26	May 2006
36	April 2006
40	March 2006
42	February 2006
78	January 2006
28	December 2005
109	November 2005
90	October 2005
138	September 2005
84	August 2005
162	July 2005
59	June 2005
58	May 2005
42	April 2005
60	March 2005
175	February 2005
78	January 2005
42	December 2004
57	November 2004
114	October 2004
217	September 2004
52	August 2004
229	July 2004
70	June 2004
76	May 2004
111	April 2004
105	March 2004
95	February 2004
27	January 2004
114	December 2003
69	November 2003
254	October 2003
192	September 2003
113	August 2003
118	July 2003
62	June 2003
59	May 2003
91	April 2003
80	March 2003
47	February 2003
33	January 2003
187	December 2002
170	November 2002
101	October 2002
25	September 2002
21	August 2002
15	July 2002
29	June 2002
13	May 2002
49	April 2002

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template