Weijun Wang
2018-04-12 03:20:16 UTC
Without mutual auth, the acceptor has no chance to send an initial sequence number to the initiator, so they must agree on a default one.
In my experiment, it looks like MIT krb5 and Windows are reusing the initiator's initial sequence number and Heimdal is using 0.
Am I right? If so, is there a way to write an app that works for all of them? Or the acceptor simply should not send anything when there is no mutual auth?
Thanks
Max
_______________________________________________
krbdev mailing list ***@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
In my experiment, it looks like MIT krb5 and Windows are reusing the initiator's initial sequence number and Heimdal is using 0.
Am I right? If so, is there a way to write an app that works for all of them? Or the acceptor simply should not send anything when there is no mutual auth?
Thanks
Max
_______________________________________________
krbdev mailing list ***@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev