Re: krb5 / Lenny status

[Moritz Muehlenhoff <jmm@inutil.org>]

On Thu, May 15, 2008 at 06:36:35PM -0400, Joey Hess wrote:
> Moritz Muehlenhoff wrote:
> > Here's the update on krb5 for Debian Lenny, based on a mail from Russ
> > Allbery: (The status of Etch has changed; it isn't affected at all).
> > 
> > * MIT Kerberos itself does not generate long-term key pairs even when the
> >   PKINIT plugin is used, so any vulnerable long-term key pairs would have
> >   been generated outside of the MIT Kerberos software itself.  The PKINIT
> >   plugin only references existing key pairs and isn't responsible for key
> >   management.
> > 
> > * All of the random session key generation inside the PKINIT plugin is
> >   done using the regular MIT Kerberos random key functions, *not* the
> >   OpenSSL random number generator, and hence sessions created via PKINIT
> >   are not subject to this vulnerability.
> > 
> > MIT Kerberos itself is not in affected.  However, long-term key pairs used
> > with PKINIT may be affected if generated on an affected Debian system, but
> > such generation is external to MIT Kerberos.
> 
> Ok, added, I hope this makes more sense for kerberos users than it does
> for me.
> 
> Sounds like if you're using PKINIT, and (manually?) generated a
> long-term key pair on a vulnerable system, the key pair should be
> referenerated?

Yes, but the general use case for PKINIT is a combination of Kerberos
with a smart card, so I think that's very much of a corner case.

Cheers,
        Moritz