>>>>> "Calimer0" == Calimer0 <[EMAIL PROTECTED]> writes:
Calimer0> important. I know Kerberos is designed to securely
Calimer0> authenticate principals in a not secure network
Calimer0> environment, and this is just the reason of my post
Calimer0> here. The attack described, if feasible, shows that
Calimer0> Kerberos can sometimes fail if an attacker has complete
Calimer0> control of the network. I would like to understand if
Calimer0> my conclusions are true or not, because unfortunately
Calimer0> I've not enough time and knowledge to experiment..
A protocol that does not require integrity protection of the exchanged
messages may be vulnerable to this attack. But for example, SASL
protocols such as Kerberos authenticated LDAP, IMAP and SMTP are not
vulnerable to this attack.
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
