IETF Logo Mail Archive

Re: [kitten] [Curdle] I-D Action: draft-ietf-curdle-des-des-des-die-die-die-03.txt

mrex@sap.com (Martin Rex) Fri, 23 June 2017 12:03 UTC

Return-Path: <mrex@sap.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E222128DF3; Fri, 23 Jun 2017 05:03:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.421
X-Spam-Level:
X-Spam-Status: No, score=-6.421 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jUGokK51kq4Q; Fri, 23 Jun 2017 05:03:44 -0700 (PDT)
Received: from smtpde01.smtp.sap-ag.de (smtpde01.smtp.sap-ag.de [155.56.68.170]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA7FB12EAB4; Fri, 23 Jun 2017 05:03:43 -0700 (PDT)
Received: from mail07.wdf.sap.corp (mail04.sap.corp [194.39.131.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpde01.smtp.sap-ag.de (Postfix) with ESMTPS id 3wvHCy0vkVz1JNd; Fri, 23 Jun 2017 14:03:42 +0200 (CEST)
X-purgate-ID: 152705::1498219422-00000861-5EF00B1F/0/0
X-purgate-size: 2879
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate-type: clean
X-SAP-SPAM-Status: clean
Received: from ld9781.wdf.sap.corp (ld9781.wdf.sap.corp [10.21.82.193]) by mail07.wdf.sap.corp (Postfix) with ESMTP id 3wvHCx616HzGp0x; Fri, 23 Jun 2017 14:03:41 +0200 (CEST)
Received: by ld9781.wdf.sap.corp (Postfix, from userid 10159) id C93721A6BE; Fri, 23 Jun 2017 14:03:41 +0200 (CEST)
In-Reply-To: <20170621174558.GK39245@kduck.kaduk.org>
To: Benjamin Kaduk <kaduk@mit.edu>
Date: Fri, 23 Jun 2017 14:03:41 +0200
CC: Martin Rex <mrex@sap.com>, kitten@ietf.org, curdle@ietf.org
Reply-To: mrex@sap.com
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20170623120341.C93721A6BE@ld9781.wdf.sap.corp>
From: mrex@sap.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/BjTGuRRNUROwl4N7HCqyfMDd2QQ>
Subject: Re: [kitten] [Curdle] I-D Action: draft-ietf-curdle-des-des-des-die-die-die-03.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jun 2017 12:03:46 -0000

Benjamin Kaduk wrote:
> Adding curdle@ for discussion of potential content changes to the
> draft...
> 
> On Wed, Jun 21, 2017 at 11:49:35AM +0200, Martin Rex wrote:
>>  
>> Partially true, it would be good to get some light shed on that
>> issue from *all* Kerberos implementors (not just Microsoft).
>> 
>> The new paragraph that you quoted as having been added to the I-D
>> currently _only_ talks about support for Kerberos AES enctypes in code.
>> The new text fails to mention the issue of availability of longterm secrets
>> in the Kerberos KDC database that are properly encoded for AES enctypes
>> --as a prerequisite of actually _using_ AES enctypes.
>> 
>> It's not just about availability of sufficiently recent code,
>> but also a necessity for re-keying all accounts in the Kerberos KDC database
>> _after_ sufficiently recend code has been deployed.  And it may not be
>> the deployment of new code on the KDC alone, there may be additonal
>> administrative changes necessary on the KDC to acutally enable use of
>> AES enctypes (e.g. changing the domain functional level in Active Directory)
> 
> 
> It sounds like you are asking for the addition of some text along
> the lines of:
> 
>   Software support is only a bare minimum requirement for deprecating
>   RC4 enctypes; there may be additional logistical considerations
>   involved such as provisioning AES keys for all principals and
>   updating software configuration to enable AES and disable deprecated
>   encryption types.
> 
> Is that something you are asking for?

Yes, thank your.  This sounds good to me.  I consider it even more
helpful than the reference to particular versions of particular
OpenSource Kerberos implementations, because this is a characteristic
that is sort-of implied by how kerberos-enctypes keys are created
(derived by string2key) and probably affect all implementations of
Kerberos, yet it is non-obvious to consumers of the technology.


There is a substantial difference between cipher suites in TLS, where
key length, strength and algorithm for the symmetric crypto is mostly
irrelevant to the (PKI) credentials, and where using new TLS cipher suites
and deprecating old TLS cipher suites does not have a rekeying requirement.


I do believe that it is very appropriate to provide such kind of a
guidance in an RFC, so that it this recommendation for deprecation
becomes more comprehensible and the trade-offs clearer to mere consumers
of the Kerberos technology, readers that aren't Kerberos protocol experts
and senior Kerberos implementers.

When making admins sufficiently aware of predictable interop-problems,
we may actually see more administrative deprecation of weak Kerberos
enctypes than leaving them in the dark, and it helps reducing the amount
of stumped users, helpdesks and admins.


-Martin

v2.23.0 | Report a Bug | By Email