Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement RFC 8636 to support crypto agility #171

Open
SteveSyfuhs opened this issue Jul 30, 2020 · 0 comments
Open

Implement RFC 8636 to support crypto agility #171

SteveSyfuhs opened this issue Jul 30, 2020 · 0 comments
Labels
enhancement Kerberos.NET Relating to the library itself

Comments

@SteveSyfuhs
Copy link
Collaborator

PKINIT is an asymmetric crypto extension for the initial AS-REQ authentication exchange. It's used for smart card (cert-based) authentication. The protocol has some crypto bits that are showing their age like the hardcoding of SHA-1.

RFC 8636 handles this by exposing some knobs to modify the types of algorithms used.

https://tools.ietf.org/html/rfc8636
https://tools.ietf.org/html/rfc4556
@SteveSyfuhs SteveSyfuhs added the Kerberos.NET Relating to the library itself label Aug 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Kerberos.NET Relating to the library itself
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SteveSyfuhs