Pending OpenSSH release: contains Kerberos/GSSAPI changes
Sam Hartman
hartmans at mit.edu
Sat Jan 31 09:54:27 EST 2004
>>>>> "Ben" == Ben Lindstrom <mouring at etoh.eviladmin.org> writes:
Ben> I need someone to look at this and get back to us ASAP in
Ben> regards to if this will break GSSAPI-WITH-MIC.
It may make some conforming clients break but does not create a
security problem.
Some client implementers may choose to introduce an extra round trip
(which is what setting the mutual required flag does) in order to
interoperate with OpenSsh if the code is released in the current
state.
Really, that's probably OK if it happens.
I'd class this as a minor conformance issue, but not a huge deal.
More information about the openssh-unix-dev
mailing list