Subject: Wrong PKCS11 PIN can trigger PKINIT draft9 code

In a common PKINIT scenario, the KDC method data offers both RFC 4556 PKINIT and draft 9 PKINIT padata types. We try the PKINIT module on both types, and typically they either both succeed or both fail. However, if there is a PKCS11 token in the mix, the user could trigger a failure in the RFC 4556 PKINIT code path by entering the wrong PIN, and then a success in the draft 9 code path by entering the right PIN. This scenario results in a downgrade to draft 9 even though the KDC supports RFC 4556.

A conservative solution is to use request context state to prevent the draft 9 code from operating if the RFC 4556 code has already made an attempt. A more aggressive solution is to remove the draft 9 code entirely (#8543).

http://mailman.mit.edu/pipermail/kerberos/2017-February/021585.html
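The downgrade and the conservative mitigation, modelled as a small C simulation added here (not krb5 code): the client walks the KDC-offered padata list, a scripted PIN prompt stands in for the PKCS11 token, and a per-request flag blocks the draft 9 path once RFC 4556 has been attempted. The padata type codes are the real ones (16 and 14); the struct and function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>

/* PKINIT padata type codes: RFC 4556 uses 16, draft 9 uses 14. */
enum { PA_PK_AS_REQ = 16, PA_PK_AS_REQ_OLD = 14 };

/* Constructed stand-in for a PKCS11 PIN prompt: each call consumes the next
 * scripted answer (true = the user entered the correct PIN). */
struct pin_script { const bool *answers; size_t n; size_t pos; };

static bool prompt_pin(struct pin_script *s) {
    return s->pos < s->n ? s->answers[s->pos++] : false;
}

/* Per-request client state, i.e. the request context the ticket proposes. */
struct req_ctx { bool rfc4556_attempted; bool guard_draft9; };

/* Attempt one padata type; returns the type that succeeded, or 0 on failure. */
static int try_padata(struct req_ctx *ctx, int patype, struct pin_script *pins) {
    if (patype == PA_PK_AS_REQ) {
        ctx->rfc4556_attempted = true;   /* recorded even when the PIN is wrong */
        return prompt_pin(pins) ? PA_PK_AS_REQ : 0;
    }
    if (patype == PA_PK_AS_REQ_OLD) {
        /* Mitigation: refuse the draft 9 path once RFC 4556 has been tried. */
        if (ctx->guard_draft9 && ctx->rfc4556_attempted)
            return 0;
        return prompt_pin(pins) ? PA_PK_AS_REQ_OLD : 0;
    }
    return 0;
}

/* Walk the KDC-offered padata list in order (RFC 4556 first, as in the ticket's
 * scenario) and report which PKINIT variant was used; 0 means preauth failed. */
int run_preauth(bool guard_draft9, const bool *pin_answers, size_t npins) {
    static const int offered[] = { PA_PK_AS_REQ, PA_PK_AS_REQ_OLD };
    struct req_ctx ctx = { false, guard_draft9 };
    struct pin_script pins = { pin_answers, npins, 0 };
    for (size_t i = 0; i < sizeof offered / sizeof offered[0]; i++) {
        int used = try_padata(&ctx, offered[i], &pins);
        if (used) return used;
    }
    return 0;
}

/* The ticket's scenario: wrong PIN at the first prompt, correct PIN at the second. */
int wrong_then_right_pin(bool guard_draft9) {
    static const bool answers[] = { false, true };
    return run_preauth(guard_draft9, answers, 2);
}
```

Without the guard the second prompt silently lands on draft 9; with it the request fails instead of downgrading, and a correct first PIN still succeeds on RFC 4556.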