"H.-J. Schnitzer" <[email protected]> writes:

> The plain network traffic between client and KDC is vulnerable to
> dictionary attacks on weak user passwords. There are already tunneling
> mechanisms available for MIT Kerberos like PKINIT and FAST but I find
> them rather complicated to implement. TLS would make things definitely
> easier.
However, note that TLS will have a significant impact on the performance of your KDC if you're doing high volume. That's obviously something that you can work around, particularly since KDCs normally don't need to be very fast. It probably doesn't make the KDC any slower than many other servers. But it will definitely take it out of the blazingly fast arena that it's in now.

FAST is complex from a protocol standpoint, but there are already several implementations out there, and it's quite easy to use from an API standpoint. And it doesn't have the same performance problems provided that you have a long-term key available to use for the armor. (If you have to use anonymous PKINIT for the armor, you're back to the same performance issues with public key cryptography.)

-- 
Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/>

________________________________________________
Kerberos mailing list
[email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
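The "long-term key available to use for the armor" case from the message above, as an added example that is not part of the thread: a POSIX shell script that uses MIT Kerberos' kinit to take a TGT for the host principal out of the keytab and then runs the user's AS exchange inside FAST armored with that ticket, so the password-derived preauth data never crosses the network in a form an eavesdropper can run a dictionary attack against. Assumed (not stated on the page): the machine holds host/<fqdn>@REALM in /etc/krb5.keytab, the KDC supports FAST (MIT krb5 1.8 or later), and the principal, cache path and FAST_USER driver variable are illustrative choices of this example.

```shell
#!/bin/sh
# Added example, not code from the original mailing-list thread.
# Assumes host/<fqdn>@REALM exists in /etc/krb5.keytab and the KDC speaks FAST.
set -eu

# Build the armor principal name for this host: host/<fqdn>@REALM.
# (Naming convention assumed here; adjust if your realm uses another.)
armor_principal() {   # $1=fqdn  $2=realm
    printf 'host/%s@%s\n' "$1" "$2"
}

# Step 1: get a TGT for the host principal from its keytab into a dedicated
# armor cache. This uses the host's long-term symmetric key only, so there
# is no public-key work on either side, which is the cheap case Russ describes.
get_armor_ticket() {  # $1=armor principal  $2=keytab  $3=armor ccache
    kinit -k -t "$2" -c "$3" "$1"
}

# Step 2: run the user's AS exchange inside the FAST tunnel (-T names the
# armor cache). The encrypted-timestamp preauth is now wrapped under a key
# derived from the armor ticket, so a network observer cannot take the
# captured exchange offline and guess the user's password against it.
fast_kinit() {        # $1=user principal  $2=armor ccache
    kinit -T "$2" "$1"
}

# Driver: runs only when FAST_USER is set, e.g.
#   FAST_USER=alice@EXAMPLE.ORG sh fast_kinit.sh
if [ -n "${FAST_USER:-}" ]; then
    realm=${FAST_USER#*@}
    armor=$(armor_principal "$(hostname -f)" "$realm")
    cache="FILE:/tmp/armor_$(id -u)"     # per-user cache path (assumed)
    get_armor_ticket "$armor" /etc/krb5.keytab "$cache"
    fast_kinit "$FAST_USER" "$cache"
    klist                                # show the armored user TGT
fi
```

If no keytab is available on the client, `kinit -n -c "$cache"` obtains an anonymous ticket via PKINIT to serve as armor instead; that is the fallback the message warns about, since the anonymous AS exchange reintroduces the public-key cost on the KDC. Note also that FAST only protects the exchanges the client chooses to armor: a client that silently drops back to plain AS-REQ when the armor cache is missing gives up the protection, so check that the armor step succeeded before proceeding, as the `set -e` above does.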
