On Tue, Jul 19, 2011 at 2:01 PM, Ken Dreyer <ktdre...@ktdreyer.com> wrote:
> On Tue, Jul 19, 2011 at 12:39 PM, Greg Hudson <ghud...@mit.edu> wrote:
>> The best practice is to set +requires-preauth (and probably
>> -allow_tgs_req) on principals with password-derived keys and leave it
>> unset on principals with random keys.
>
> I thought the "best practice" would be to set requires-preauth on
> every principal? I don't want to give someone the ability to offline
> attack any of my principals...
Assuming a strong enough RNG you can't mount an off-line dictionary attack
against pre-auth-less AS-REPs for client principals with randomized keys.
(The same goes for tickets, which is why you don't want to allow tickets to
be issued for service principals whose keys are really derived from weak
passwords.)

Nico

--
________________________________________________
Kerberos mailing list
Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
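An audit check that follows Greg's rule, added here as example code (it is not from the thread or from the MIT Kerberos project): it parses the text `kadmin.local -q "getprinc NAME"` prints and reports principals with password-derived keys that lack `+requires_preauth` or `-allow_tgs_req`. It assumes MIT kadmin's `Principal:`/`Attributes:` output lines, that `-allow_tgs_req` appears as the `DISALLOW_TGT_BASED` attribute, and a heuristic (an assumption) that principals without an instance component are people with password-derived keys while `host/...`, `HTTP/...` and `krbtgt/...` have random keys.

```python
import subprocess
from dataclasses import dataclass


@dataclass
class PrincipalFlags:
    name: str
    requires_preauth: bool
    disallow_tgt_based: bool   # the attribute kadmin sets for -allow_tgs_req


def parse_getprinc(output: str) -> PrincipalFlags:
    """Parse the text that `kadmin.local -q "getprinc NAME"` prints."""
    name, attrs = None, set()
    for line in output.splitlines():
        if line.startswith("Principal:"):
            name = line.split(":", 1)[1].strip()
        elif line.startswith("Attributes:"):
            # An unset principal prints a bare "Attributes:" line -> empty set
            attrs = set(line.split(":", 1)[1].split())
    if name is None:
        raise ValueError("no 'Principal:' line in getprinc output")
    return PrincipalFlags(name, "REQUIRES_PRE_AUTH" in attrs,
                          "DISALLOW_TGT_BASED" in attrs)


def likely_password_key(name: str) -> bool:
    """Heuristic (assumption): one-component principals are people with
    password-derived keys; 'host/x', 'HTTP/x', 'krbtgt/REALM' use random keys."""
    return "/" not in name


def findings(p: PrincipalFlags) -> list:
    """Return the kadmin settings still missing on a password-keyed principal."""
    if not likely_password_key(p.name):
        return []          # random keys: unset is fine, per the thread
    missing = []
    if not p.requires_preauth:
        missing.append("+requires_preauth")
    if not p.disallow_tgt_based:
        missing.append("-allow_tgs_req")
    return missing


def getprinc(name: str) -> str:
    """Fetch live output from the local KDC database (run on the KDC host)."""
    return subprocess.check_output(["kadmin.local", "-q", f"getprinc {name}"], text=True)


# Constructed sample output, trimmed to the lines the parser uses.
SAMPLE_USER = "Principal: alice@EXAMPLE.COM\nNumber of keys: 2\nAttributes:\nPolicy: [none]\n"
SAMPLE_HOST = ("Principal: host/kdc.example.com@EXAMPLE.COM\n"
               "Attributes: DISALLOW_TGT_BASED\nPolicy: [none]\n")

if __name__ == "__main__":
    for out in (SAMPLE_USER, SAMPLE_HOST):
        p = parse_getprinc(out)
        print(p.name, findings(p) or "ok")
```

Replace the constructed samples with `getprinc(n)` over the output of `kadmin.local -q listprincs` to audit a real database.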