Re: F30 Self-Contained Change proposal: krb5 crypto modernization

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> writes:

> How does this ties with crypto policies? libkrb5 is already under
> crypto policies and has these ciphers disabled by default. Is this
> change about removing them from the code or removing them from the
> capabilities of the KDC which is not covered by crypto policies?
>
>> == User Experience ==
>> 
>> Ideally no change!  Worst case some users will see krb5 produce error
>> messages about bad enctypes not being able to be used (has no
>> enctype, could not fullfill enctype, etc.).  These pains are the
>> feeling of the world grinding forward security-wise.
>
> I guess there will be different experience in client side where these
> are already disabled by default in fedora, and in server side which
> they are not.

To address I think both your questions: the defaults we set matter a lot
less than we think they do.  I observe plenty of machines running
single-DES in the wild - despite this being permitted at no level of
crypto-policies.  This is obviously not the fault of crypto-policies in
any way; users have explicitly chosen to route around the system's
notion of "permitted" - and not without reason, in many cases.

The two biggest culprits for this (beyond general legacy infrastructure)
are Active Directory and AFS.  Active Directory uses RC4
(crypto-policies LEGACY) as an interop cipher; this is why it's not
actually removed in this change.  AFS has been using single-DES (for
interop) for quite some time.  AFS does support more modern
cryptography, but its adoption is far from universal.

But I think the biggest takeaway here is that requiring users to perform
additional configuration in order to hurt themselves won't actually stop
them all from hurting themselves - especially not in the age of
automation.  Maybe it would have been more effective if we'd followed
the 2009 `allow_weak_crypto` designation with a 2010 removal or some
threat thereof.  Hard for me to know; in 2009 I was busy being an
obnoxious teenager.

Thanks,
--Robbie

Attachment: signature.asc
Description: PGP signature

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux