Nico Williams has made an interesting proposal on this topic:
It is probably worth discussing.
On Mon, 2015-05-11 at 10:09 -0400, Nathaniel McCallum wrote:
> Yes and no.
> The current Kerberos support is insecure and should not be used. The
> problem is that the session key is reused for all TLS connections. This
> prevents perfect forward secrecy.
> That being said, we have been toying around with the idea of making a new
> standard for GSSAPI/TLS which uses a DH or a PAKE to ensure that both
> sides contribute entropy to a random encryption key.
> However, we have to get some of the other standards work off our
> before we can tackle such a large task.
> In short: existing Kerberos support should be removed from OpenSSL.
> On Tue, 2015-05-05 at 14:44 +0200, Petr Spacek wrote:
> > Hello!
> > Is this somehow interesting for us?
> > Petr^2 Spacek
> > -------- Forwarded Message --------
> > Subject: [openssl-users] Kerberos
> > Date: Tue, 05 May 2015 09:21:28 +0100
> > From: Matt Caswell <m...@openssl.org>
> > Reply-To: openssl-us...@openssl.org
> > To: openssl-us...@openssl.org, openssl-...@openssl.org
> > I am considering removing Kerberos support from OpenSSL 1.1.0. There
> > are a number of problems with the functionality as it stands, and it
> > seems to me to be a very rarely used feature. I'm interested in hearing
> > any opinions on this (either for or against).
> > Thanks in advance for your input,
> > Matt
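The following is an added illustration of the two points Nathaniel makes above, not code from the thread, from OpenSSL or from FreeIPA: a toy model in which the TLS record key is derived only from the long-lived Kerberos session key (so it is identical for every connection and recoverable by anyone who later learns that key), set beside a per-connection ephemeral Diffie-Hellman that is authenticated with the Kerberos key and gives each connection a key both sides randomised. The key derivation, the wire format and the 32-byte sample key are constructed for the example; the group parameters are the RFC 3526 2048-bit MODP group.

```python
"""Constructed model of the forward-secrecy defect described in the thread
and of the DH-based repair it sketches.  Standard library only; this is
illustration code, not OpenSSL's Kerberos cipher suites."""
import hashlib
import hmac
import secrets

# RFC 3526 group 14 (2048-bit MODP) modulus and generator.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
        "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2
LABEL = b"tls-record-key"  # constructed derivation label


def kdf(secret: bytes, label: bytes) -> bytes:
    """Single-step HMAC-SHA256 derivation standing in for the TLS PRF."""
    return hmac.new(secret, label, hashlib.sha256).digest()


def static_connection(kerberos_key: bytes):
    """Old scheme: the record key is a deterministic function of the
    long-lived Kerberos session key.  Neither side adds randomness, so the
    key is the same for every connection.  Nothing key-related crosses
    the wire.  Returns (record_key, wire_capture)."""
    return kdf(kerberos_key, LABEL), b""


def ephemeral_connection(kerberos_key: bytes):
    """Repaired scheme: each side draws a fresh DH exponent, the public
    values are authenticated with the Kerberos key, and the record key is
    derived from the shared secret plus the transcript.  The exponents
    are dropped when the function returns.  Returns (record_key, wire_capture)."""
    x = secrets.randbelow(P - 2) + 1          # client ephemeral (discarded)
    y = secrets.randbelow(P - 2) + 1          # server ephemeral (discarded)
    gx, gy = pow(G, x, P), pow(G, y, P)
    transcript = gx.to_bytes(256, "big") + gy.to_bytes(256, "big")
    tag = hmac.new(kerberos_key, transcript, hashlib.sha256).digest()
    shared = pow(gy, x, P)                    # client side; server does pow(gx, y, P)
    assert shared == pow(gx, y, P)
    record_key = kdf(shared.to_bytes(256, "big"), LABEL + transcript)
    return record_key, transcript + tag


def verify_handshake(kerberos_key: bytes, wire: bytes) -> bool:
    """Peer-side check that the DH public values were sent by someone who
    holds the Kerberos session key (rejects an active tamperer)."""
    transcript, tag = wire[:512], wire[512:]
    expected = hmac.new(kerberos_key, transcript, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def attacker_after_key_compromise(kerberos_key: bytes, wire: bytes) -> bytes:
    """Everything a passive recorder can recompute once the Kerberos key
    leaks: the static scheme's record key.  Against the ephemeral scheme
    the capture lacks x and y, so this value is not the session's key."""
    return kdf(kerberos_key, LABEL)


if __name__ == "__main__":
    k = b"\x01" * 32                          # constructed Kerberos session key
    s1, w1 = static_connection(k)
    s2, _ = static_connection(k)
    print("static keys identical:", s1 == s2)
    print("static key recovered from leaked Kerberos key:",
          attacker_after_key_compromise(k, w1) == s1)
    e1, ew1 = ephemeral_connection(k)
    e2, _ = ephemeral_connection(k)
    print("ephemeral keys differ:", e1 != e2)
    print("handshake authenticates:", verify_handshake(k, ew1))
    print("ephemeral key recovered from leaked Kerberos key:",
          attacker_after_key_compromise(k, ew1) == e1)
```

Run as a script it prints the two halves of the argument: the static derivation yields one key for all connections and that key falls out of the leaked Kerberos key alone, while the ephemeral scheme yields a distinct key per connection that the leaked Kerberos key does not reproduce, yet still lets the peer reject unauthenticated DH values. A PAKE would replace the HMAC authentication step with one bound to a password rather than a key, but the per-connection contribution of entropy by both sides is the same.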