Yes and no. The current Kerberos support is insecure and should not be used. The main problem is that the session key is reused for all TLS connections. This prevents perfect forward secrecy.
That being said, we have been toying around with the idea of making a new standard for GSSAPI/TLS which uses a DH or a PAKE to ensure that both sides contribute entropy to a random encryption key. However, we have to get some of the other standards work off our plates before we can tackle such a large task. In short: existing Kerberos support should be removed from OpenSSL. Nathaniel On Tue, 2015-05-05 at 14:44 +0200, Petr Spacek wrote: > Hello! > > Is this somehow interesting for us? > > Petr^2 Spacek > > > -------- Forwarded Message -------- > Subject: [openssl-users] Kerberos > Date: Tue, 05 May 2015 09:21:28 +0100 > From: Matt Caswell <m...@openssl.org> > Reply-To: openssl-us...@openssl.org > To: openssl-us...@openssl.org, openssl-...@openssl.org > > I am considering removing Kerberos support from OpenSSL 1.1.0. There > are > a number of problems with the functionality as it stands, and it > seems > to me to be a very rarely used feature. I'm interested in hearing any > opinions on this (either for or against). > > Thanks in advance for your input, > > Matt > _______________________________________________ > openssl-users mailing list > To unsubscribe: > https://mta.openssl.org/mailman/listinfo/openssl-users > -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
