Transarc Customers:
This is a further update on the Kerberos Security issues. See
http://www.transarc.com/afs/transarc.com/public/www/Public/Support/security-update.html
for pointers to the background on these issues.
In light of the COAST work, Transarc is doing a security review of
Kerberos 4.0 and AFS. We expect to provide some procedural changes to
improve security in new cells, and we will make code changes as
necessary. OSF also reviewed Keberos 5.0, and they have released a
source patch for Kerberos 5.0 that strengthens the random number
generator in Kerberos 5.0. This patch is relevant to all versions of
DCE (but not to AFS since it is based on Kerberos 4.0).
Transarc is working on building this OSF patch for DCE, and we will
make it available as soon as possible. Our hope is to have these
patches available for DCE 1.1 and DCE 1.0.3a within the next few days.
Again, please feel free to contact me directly, (412) 338-4412 or
[EMAIL PROTECTED], if you have further questions about this issue.
Liz Hines
Director, Product Support
