On Tue, 2013-10-22 at 15:01 -0500, Andrew Deason wrote:
> > D) When we're creating a new server connection we try the key with the
> > highest kvno in the keyfile for each server. If that key fails to
> > work, then we try the one with the next highest, and so on, until we
> > either succeed, or run out of keys. This does mean that an attacker
> > could force us to use an older key, but only for the period during
> > which the rollover is being performed.
>
> But how do we know if something failed due to key-related problems?
Well, we're not really talking about "key-related problems"; we're talking about the specific problem of the server not knowing the key that was used to print the token. In that case, the error will always be RXKADUNKNOWNKEY.

-- 
Jeff

_______________________________________________
OpenAFS-devel mailing list
https://lists.openafs.org/mailman/listinfo/openafs-devel
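The following is an added, stand-alone model of the strategy labelled D) above combined with the rule Jeff states: walk the keyfile from the highest kvno downward, but only advance to an older key when the server answers RXKADUNKNOWNKEY. It is not OpenAFS code; the server, the keyfile struct, the numeric error values and the extra error codes (RXKADBADTICKET, RXKADNOKEYS) are assumptions made for this example, and the sample keyfile and server states are constructed. Any failure other than RXKADUNKNOWNKEY is returned immediately rather than treated as a reason to try an older key, which is what keeps the downgrade window limited to the rollover period itself.

```c
#include <stdio.h>

/* Error codes. RXKADUNKNOWNKEY is the name used in the thread; its numeric
 * value and the other two codes are assumptions for this model, not the
 * real rxkad values. */
enum {
    RXKAD_OK        = 0,
    RXKADUNKNOWNKEY = 1,   /* server has no key with the token's kvno */
    RXKADBADTICKET  = 2,   /* server has the kvno, but the token did not verify */
    RXKADNOKEYS     = 3    /* client ran out of keyfile entries to try */
};

/* Hypothetical keyfile entry: only the kvno matters for this model. */
struct keyfile_entry { int kvno; };

/* Hypothetical server: the set of kvnos it has installed, plus a flag to
 * simulate a token that decrypts with a known key but fails verification. */
struct model_server { int known_kvnos[8]; int nknown; int tamper; };

/* Simulate the server's view of a token printed with `kvno`. */
static int server_check_token(const struct model_server *s, int kvno)
{
    for (int i = 0; i < s->nknown; i++)
        if (s->known_kvnos[i] == kvno)
            return s->tamper ? RXKADBADTICKET : RXKAD_OK;
    return RXKADUNKNOWNKEY;
}

/* Strategy D): try keys from the highest kvno downward. Only RXKADUNKNOWNKEY
 * means "the server does not have this key yet", so only that error moves us
 * to the next-older key. Any other result is returned as-is. On success the
 * kvno that worked is written to *used. Assumes at most 16 keyfile entries. */
static int connect_with_rollover(const struct keyfile_entry *keys, int nkeys,
                                 const struct model_server *srv, int *used)
{
    int tried[16] = {0};
    if (nkeys > 16)
        return RXKADNOKEYS;

    for (int round = 0; round < nkeys; round++) {
        /* pick the highest kvno not yet tried (keyfile order is irrelevant) */
        int best = -1;
        for (int i = 0; i < nkeys; i++)
            if (!tried[i] && (best < 0 || keys[i].kvno > keys[best].kvno))
                best = i;
        tried[best] = 1;

        int rc = server_check_token(srv, keys[best].kvno);
        if (rc == RXKADUNKNOWNKEY)
            continue;                 /* server lacks this kvno: fall back one key */
        if (rc == RXKAD_OK)
            *used = keys[best].kvno;
        return rc;                    /* success, or a failure unrelated to the kvno */
    }
    return RXKADNOKEYS;               /* every kvno in the keyfile was unknown */
}

int main(void)
{
    /* constructed keyfile, deliberately not sorted: kvnos 3, 5, 4 */
    struct keyfile_entry keys[] = { {3}, {5}, {4} };
    /* constructed server mid-rollover: kvno 5 is in the client's keyfile
     * but has not been installed on the server yet */
    struct model_server mid_rollover = { {3, 4}, 2, 0 };
    int used = 0;
    int rc = connect_with_rollover(keys, 3, &mid_rollover, &used);
    printf("rc=%d, connected with kvno %d\n", rc, used);
    return rc;
}
```

Running it as written connects with kvno 4, the newest key the mid-rollover server knows. With kvno 5 installed on the server the same client picks 5 on the first attempt; with the server returning RXKADBADTICKET for kvno 5 the loop stops there and never tries 4 or 3, which is the distinction Jeff draws between "key-related problems" in general and the one error that actually means the server lacks the key.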
