To: krb5-bugs@MIT.EDU
Subject: allow dh_min_bits >= 1024
From: Tom Yu
Date: Fri, 05 Apr 2013 21:10:48 -0400

Windows 7 clients apparently offer the 1024-bit Oakley MODP group, and might have some trouble with Diffie-Hellman parameter counterproposals by the KDC. Allowing dh_min_bits to be 1024 (but not by default) should allow these clients to do PKINIT successfully (if combined with the "missing q parameter" interop workaround).

Arguably, 1024 bits is too weak for modern usage, but SP800-57 says it's equivalent to 80 bits of security, and we still allow administrators to configure single-DES, which is weaker. We should still investigate the underlying interop problem, though.
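
An added example, not part of the original message or of the krb5 code base: a small audit that reads a krb5.conf/kdc.conf-style profile and reports the two settings compared above with their estimated strength. It assumes the option is spelled pkinit_dh_min_bits in the profile, that allow_weak_crypto is the setting that permits single-DES, and a 112-bit reporting floor; the sample configuration is constructed.

```python
import re

# SP 800-57 Part 1 comparable strengths for finite-field DH modulus sizes (bits).
DH_STRENGTH = {1024: 80, 2048: 112, 3072: 128, 7680: 192, 15360: 256}
DES_KEY_BITS = 56  # single-DES key length

# Constructed sample profile, not taken from any real deployment.
SAMPLE_KDC_CONF = """\
[libdefaults]
    allow_weak_crypto = true
[realms]
    EXAMPLE.COM = {
        pkinit_dh_min_bits = 1024
    }
    LAB.EXAMPLE.COM = {
        pkinit_dh_min_bits = 2048
    }
"""

TRUE_VALUES = {"y", "yes", "true", "t", "1", "on"}

def dh_strength(bits):
    """Largest tabulated strength whose modulus size does not exceed bits."""
    return max((s for m, s in DH_STRENGTH.items() if m <= bits), default=0)

def audit(text, floor=112):
    """Return (scope, setting, estimated_bits) for settings below floor (assumed policy)."""
    findings, scope = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        if m := re.fullmatch(r"\[(\w+)\]", line):
            scope = [m.group(1)]               # new top-level section
        elif line.startswith("}"):
            scope = scope[:max(1, len(scope) - 1)]   # leave nested block
        elif m := re.fullmatch(r"(\S+)\s*=\s*(.*)", line):
            key, val = m.groups()
            if val == "{":
                scope.append(key)              # enter nested block, e.g. a realm
            elif key == "pkinit_dh_min_bits" and val.isdigit():
                if (s := dh_strength(int(val))) < floor:
                    findings.append(("/".join(scope), f"{key} = {val}", s))
            elif key == "allow_weak_crypto" and val.lower() in TRUE_VALUES:
                findings.append(("/".join(scope), f"{key} = {val}", DES_KEY_BITS))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_KDC_CONF), sep="\n")
```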