Re: [Ietf-krb-wg] Interop issues related to TGS subkeys

ghudson@MIT.EDU Wed, 20 May 2009 18:46 UTC

Date: Wed, 20 May 2009 14:47:18 -0400 (EDT)
From: ghudson@MIT.EDU
Message-Id: <200905201847.n4KIlIlV024806@outgoing.mit.edu>
To: ietf-krb-wg@lists.anl.gov
In-Reply-To: <200905192345.n4JNj9AT013187@outgoing.mit.edu>
References: <200905192345.n4JNj9AT013187@outgoing.mit.edu>

As promised, I'm back to report on a third subkey interop issue:

3. tgs-req subkeys + enc-authorization-data = key ambiguity

RFC 4120 specifies:

      The enc-authorization-data, if present (and it can only be present
      in the TGS_REQ form), is an encoding of the desired
      authorization-data encrypted under the sub-session key if present
      in the Authenticator, or alternatively from the session key in the
      TGT (both the Authenticator and TGT come from the padata field in
      the KRB_TGS_REQ).  The key usage value used when encrypting is 5
      if a sub-session key is used, or 4 if the session key is used.

We have verified that Heimdal, AD 2003, AD 2008, and MIT krb5 1.7
get this right.  Unfortunately, MIT krb5 prior to 1.7 does not; it
attempts to decrypt the enc-authorization-data with the TGS session
key and usage 4 regardless of whether a subkey is present.

I am not aware of any current use cases for enc-authorization-data in
TGS requests.  (We were previously expecting to use it for TGS FAST,
but it turns out we will be using the authenticator's authorization
data field instead.)  However, any implementor who comes up with a
reason to use it may want to be aware of the interoperability problem
with MIT krb5 <1.7 KDCs.  I'm not aware of any good workarounds
besides the obvious ones: (1) don't do it, and (2) try it the right
way, then retry it the wrong way if you get an integrity error reply.
_______________________________________________
ietf-krb-wg mailing list
ietf-krb-wg@lists.anl.gov
https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
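The key-selection rule quoted from RFC 4120 above, and the pre-1.7 MIT behaviour the mail contrasts it with, as an added Python example that is not part of the original message or of any Kerberos implementation. The encrypt/decrypt helpers are a toy usage-keyed stand-in for an RFC 3961 enctype (assumption, not real Kerberos crypto), and the session key, subkey and authorization data are constructed samples.

```python
import hashlib
import hmac
import os

# RFC 4120 key usage numbers for enc-authorization-data in a TGS-REQ.
KEY_USAGE_TGS_SESSION = 4   # encrypted under the TGT session key
KEY_USAGE_TGS_SUBKEY = 5    # encrypted under the Authenticator subkey

SESSION_KEY = b"\x01" * 32  # constructed sample; a real one comes from the TGT
SUBKEY = b"\x02" * 32       # constructed sample Authenticator subkey
AUTHZ = b"constructed AuthorizationData"


class IntegrityError(Exception):
    """Stands in for a KRB_AP_ERR_BAD_INTEGRITY error reply."""


def _derive(key, usage, label):
    # Toy usage-keyed derivation (assumption: not a real RFC 3961 enctype).
    return hmac.new(key, usage.to_bytes(4, "big") + label, hashlib.sha256).digest()


def encrypt(key, usage, plaintext, nonce=None):
    nonce = nonce or os.urandom(16)
    ke, ki = _derive(key, usage, b"enc"), _derive(key, usage, b"int")
    ct = bytes(a ^ b for a, b in zip(plaintext, hashlib.shake_256(ke + nonce).digest(len(plaintext))))
    return nonce + ct + hmac.new(ki, nonce + ct, hashlib.sha256).digest()


def decrypt(key, usage, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    ke, ki = _derive(key, usage, b"enc"), _derive(key, usage, b"int")
    # A wrong key or a wrong usage number changes ki, so the tag check fails.
    if not hmac.compare_digest(tag, hmac.new(ki, nonce + ct, hashlib.sha256).digest()):
        raise IntegrityError("enc-authorization-data failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, hashlib.shake_256(ke + nonce).digest(len(ct))))


def client_key_and_usage(session_key, subkey):
    """RFC 4120: subkey with usage 5 if the Authenticator carries one, else session key with usage 4."""
    return (subkey, KEY_USAGE_TGS_SUBKEY) if subkey else (session_key, KEY_USAGE_TGS_SESSION)


def kdc_decrypt_authz(session_key, subkey, blob, rfc4120_compliant=True):
    if rfc4120_compliant:
        key, usage = client_key_and_usage(session_key, subkey)
    else:  # pre-1.7 MIT behaviour described in the mail: session key, usage 4, always
        key, usage = session_key, KEY_USAGE_TGS_SESSION
    return decrypt(key, usage, blob)


def interop_matrix(session_key, subkey, authz):
    """Whether a compliant KDC and a pre-1.7-style KDC each recover the client's authorization data."""
    blob = encrypt(*client_key_and_usage(session_key, subkey), authz)
    results = {}
    for name, compliant in (("rfc4120_kdc", True), ("mit_pre_1_7_kdc", False)):
        try:
            results[name] = kdc_decrypt_authz(session_key, subkey, blob, compliant) == authz
        except IntegrityError:
            results[name] = False
    return results
```

With a subkey present the non-compliant KDC reports an integrity failure; without one, both key selections coincide and both KDCs succeed.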