On 4/26/2015 10:42 PM, Benjamin Kaduk wrote: > On Sun, 26 Apr 2015, Jeffrey Altman wrote: > >> Its still required for cells that haven't upgraded their keys. >> Unfortunately there are still far too many of them. > > I would prefer to provide an incentive for cells to upgrade their keys > than cause obscure failures for modern setups. The old releases will > still be available for people who want them -- we cannot claim with a > straight face that we need to provide security updates for sites which are > ignoring OPENAFS-SA-2013-003. > > -Ben
Four points: 1. OpenAFS has an obligation to provide backward compatibility with IBM AFS 3.6 rxkad as long as it wishes to use the name. 2. Frustrating end users who have no control over their cell administrators will not result in sites having an incentive to upgrade their cells. 3. Breaking one platform is not fair. If OpenAFS is going to break compatibility it should do so for all platforms. 4. aklog requires DES support for session keys to use with fcrypt. There is no additional strength obtained from a 56-bit key plus parity derived from an AES256 session key than from the use of a DES session key without derivation. Either way the rxkad challenge-response is using a 56-bit key and the wire privacy is using fcrypt. I see no justification for intentionally breaking the use of DES session keys on OS platforms that still support it. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
