Received: from cathode-dark-space.mit.edu (daemon@CATHODE-DARK-SPACE.MIT.EDU [18.18.1.96]) by krbdev.mit.edu (8.9.3p2) with ESMTP id JAA10475; Tue, 3 Feb 2004 09:59:16 -0500 (EST)
Received: (from tlyu@localhost) by cathode-dark-space.mit.edu (8.12.9) id i13ExFrF022773; Tue, 3 Feb 2004 09:59:15 -0500 (EST)
To: rt@krbdev.mit.edu
Subject: Re: [krbdev.mit.edu #1354] des3 string-to-key
References: <rt-1354-4601.5.90103989913544@krbdev.mit.edu>
From: Tom Yu <tlyu@mit.edu>
Date: Tue, 03 Feb 2004 09:59:15 -0500
In-Reply-To: <rt-1354-4601.5.90103989913544@krbdev.mit.edu> (Ken Raeburn via's message of "Mon, 17 Feb 2003 22:11:36 -0500 (EST)")
Message-Id: <ldvwu74cipo.fsf@cathode-dark-space.mit.edu>
Lines: 15
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
RT-Send-Cc: 
X-RT-Original-Encoding: us-ascii
Content-Length: 415

>>>>> "Ken" == Ken Raeburn via RT <rt-comment@krbdev.mit.edu> writes:

Ken> Our current string-to-key for des3 makes no checks or corrections
Ken> for weak keys.

[...]

Ken> The current crypto draft says we don't do weak-key checks, but
Ken> that's because I looked at our string-to-key and not the key
Ken> scheduling code.

Latest crypto draft says weak key checking is done.  We should update
the code.

---Tom