I’ve spent the last week at the Kerberos IETF interim meeting (two
days), and after that, three days at the Kerberos Interop
Summit. Microsoft was the host for both of the events.
The agenda for the interim meeting was the define what protocol
features are of the RFC3962 (Kerberos crypto framework), RFC4120
(Kerberos protocol) and RFC4121 (Kerberos 5 GSS-API, CFX). This to
determine that is needed to document for the implementation report to
IETF, so that the RFC’s can have their status changed to draft-standard.
There was a couple of bugs founds in Heimdal when we did the
testing. First the GSS-API delegated token is wrongly encrypted with
the subkey, the session key should be used instead. I added
comatibility code for that (MIT already had that). The switch to use
the right key will have to wait until Heimdal 0.9.
I also got the Diffie-Hellan public key wrong in PK-INIT. I missed
that the keyed needed to wrapped in a INTEGER, that was simple enought
to fix. And when that was done, PK-INIT in Diffie-Hellman mode worked
just fine.
The entry in written and posted the my blog at 9445m over sea level in
an Airbus. Yay for internet when flying.
Technorati tag: Heimdal