>Subject: GSS Server without secret key?
>From: Oliver Schoett <[EMAIL PROTECTED]>
>Date: Thu, 06 Nov 2003 12:17:03 +0100
>Organization: "sd&m AG, Muenchen, Germany"
>To: [EMAIL PROTECTED]
>
>I have been playing with the Sun GSS/Kerberos sample code in
>
>http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/tutorials/ClientServer.html
>
>and noticed that the client in this scenario needs only a Kerberos
>ticket (for example, obtained from an initial Windows logon), whereas
>the server needs a secret key. This creates a key management problem
>for our servers, which I would like to avoid.
>
>Why is it that the server needs a key, when in principle, a ticket
>should be enough to prove one's identity? Is there a way to avoid the
>key management problem for servers?
The server needs a key that's used as part of the authentication procedure. If this isn't done, you're susceptible to a man-in-the-middle attack. Also known as the "Zanarotti Attack". See:

http://www.stacken.kth.se/lists/heimdal-discuss/2000-10/msg00011.html

for further details.

________________________________________________
Kerberos mailing list
[EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
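The usual way to give the acceptor its key without a password prompt is a keytab, as an added illustration that is not the Sun tutorial's code nor anyone's in this thread. It assumes a JAAS login entry named "com.sun.security.jgss.accept" (the name the tutorial's login config uses) and placeholder keytab path and principal.

```java
// Added example. Assumes a JAAS config file passed with
// -Djava.security.auth.login.config=login.conf containing an entry like:
//
//   com.sun.security.jgss.accept {
//       com.sun.security.auth.module.Krb5LoginModule required
//           useKeyTab=true
//           keyTab="/etc/krb5.keytab"                    // placeholder path
//           storeKey=true                                // keep the key in the Subject
//           doNotPrompt=true                             // never ask for a password
//           isInitiator=false                            // acceptor only, no TGT fetched
//           principal="host/server.example.com@EXAMPLE.COM"; // placeholder principal
//   };
//
// The client entry ("com.sun.security.jgss.initiate") uses useTicketCache=true
// instead, which is why the client side only needs the ticket from its logon.

import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.Oid;

public class KeytabAcceptor {
    // Builds an acceptor-side GSSContext whose credential comes from the keytab.
    public static GSSContext acceptorFromKeytab() throws Exception {
        LoginContext lc = new LoginContext("com.sun.security.jgss.accept");
        lc.login(); // loads the service key from the keytab, nothing interactive
        Subject server = lc.getSubject();
        return Subject.doAs(server, (PrivilegedExceptionAction<GSSContext>) () -> {
            GSSManager manager = GSSManager.getInstance();
            // ACCEPT_ONLY: this credential wraps the service's secret key, which is
            // what decrypts and verifies the client's service ticket; without it the
            // server could not tell a genuine ticket from one minted by an impostor KDC.
            GSSCredential serverCreds = manager.createCredential(null,
                    GSSCredential.DEFAULT_LIFETIME, (Oid) null,
                    GSSCredential.ACCEPT_ONLY);
            return manager.createContext(serverCreds);
        });
    }
}
```

The returned context is then driven with acceptSecContext() exactly as in the tutorial; the key-management task reduces to provisioning and protecting the keytab file on the server host.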
