RFC 6112 provides a method of computing the ticket session key when the PKINIT Diffie-Hellman key exchange is used, and mandates it for anonymous PKINIT. The session key is computed with KRB-FX-CF2 (RFC 6113) from the reply key and a random "KDC contribution key" chosen by the KDC: KRB-FX-CF2(reply key, KDC contribution key, "PKINIT", "KEYEXCHANGE"). The contribution key is sent to the client in the PA-PKINIT-KX padata (type 147), encrypted in the reply key with key usage 44, and the client is expected to recompute the derivation and verify that the session key in the reply matches. This binds the session key to the DH-derived reply key instead of letting whoever sends the reply choose it freely.
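The derivation, as an added example that is not taken from RFC text or from any Kerberos implementation: KRB-FX-CF2 (RFC 6113 section 5.1) instantiated with the HMAC-based PRF of the aes-sha2 enctypes (RFC 8009), so it needs only the standard library. The enctype names, PRF and seed lengths, and the "PKINIT"/"KEYEXCHANGE" pepper strings follow the RFCs; the function names, the `ENCTYPES` table and the sample keys are assumptions made for the illustration, and the PA-PKINIT-KX encryption of the contribution key (key usage 44) is not modelled, only noted.

```python
import hashlib
import hmac
import os
import struct

# Assumed table for this example: enctype -> (hash, PRF output bytes, key seed bytes),
# values from RFC 8009 (PRF is 256 bits for aes128, 384 bits for aes256).
ENCTYPES = {
    "aes128-cts-hmac-sha256-128": (hashlib.sha256, 32, 16),
    "aes256-cts-hmac-sha384-192": (hashlib.sha384, 48, 32),
}


def kdf_hmac_sha2(key: bytes, label: bytes, context: bytes, k_bits: int, hashfn) -> bytes:
    """KDF-HMAC-SHA2 (RFC 8009): k-truncate(HMAC(key, 0x00000001 | label | 0x00 | context | k))."""
    data = struct.pack(">I", 1) + label + b"\x00" + context + struct.pack(">I", k_bits)
    return hmac.new(key, data, hashfn).digest()[: k_bits // 8]


def prf(enctype: str, key: bytes, s: bytes) -> bytes:
    """RFC 8009 PRF: KDF-HMAC-SHA2(key, "prf", S, 256 or 384 bits)."""
    hashfn, prf_len, _ = ENCTYPES[enctype]
    return kdf_hmac_sha2(key, b"prf", s, prf_len * 8, hashfn)


def prf_plus(enctype: str, key: bytes, pepper: bytes, out_len: int) -> bytes:
    """PRF+ (RFC 6113): PRF(K, 0x01|S) | PRF(K, 0x02|S) | ... truncated to out_len bytes."""
    out = b""
    counter = 1
    while len(out) < out_len:
        out += prf(enctype, key, bytes([counter]) + pepper)
        counter += 1
    return out[:out_len]


def krb_fx_cf2(enctype: str, k1: bytes, k2: bytes, pepper1: bytes, pepper2: bytes) -> bytes:
    """KRB-FX-CF2: random-to-key(PRF+(K1, pepper1) XOR PRF+(K2, pepper2)).

    Both PRF+ outputs are truncated to the seed length of the result's enctype
    (that of K1); random-to-key is the identity for the AES enctypes.
    """
    seed_len = ENCTYPES[enctype][2]
    a = prf_plus(enctype, k1, pepper1, seed_len)
    b = prf_plus(enctype, k2, pepper2, seed_len)
    return bytes(x ^ y for x, y in zip(a, b))


def pkinit_kx_session_key(enctype: str, reply_key: bytes, kdc_contribution_key: bytes) -> bytes:
    """RFC 6112 section 4.2: KRB-FX-CF2(reply key, KDC contribution key, "PKINIT", "KEYEXCHANGE")."""
    return krb_fx_cf2(enctype, reply_key, kdc_contribution_key, b"PKINIT", b"KEYEXCHANGE")


def kdc_choose_session_key(enctype: str, reply_key: bytes):
    """KDC side: pick a random contribution key and derive the ticket session key.

    Returns (contribution_key, session_key). In a real reply the contribution
    key travels in PA-PKINIT-KX, encrypted in the reply key with key usage 44;
    that encryption is not modelled here.
    """
    contribution = os.urandom(ENCTYPES[enctype][2])
    return contribution, pkinit_kx_session_key(enctype, reply_key, contribution)


def client_verify_session_key(enctype: str, reply_key: bytes, kdc_contribution_key: bytes,
                              session_key_from_reply: bytes) -> bool:
    """Client side: recompute the derivation and compare against the session key in the reply.

    A False result means the reply's session key was not bound to the reply key
    via the advertised contribution key and must be rejected.
    """
    expected = pkinit_kx_session_key(enctype, reply_key, kdc_contribution_key)
    return hmac.compare_digest(expected, session_key_from_reply)


if __name__ == "__main__":
    et = "aes128-cts-hmac-sha256-128"
    reply_key = os.urandom(16)  # constructed stand-in for the DH-derived reply key
    contribution, session = kdc_choose_session_key(et, reply_key)
    print("client accepts honest reply:", client_verify_session_key(et, reply_key, contribution, session))
    print("client accepts substituted session key:",
          client_verify_session_key(et, reply_key, contribution, os.urandom(16)))
```

The check in `client_verify_session_key` is the one the note above says the client is supposed to perform; a reply whose session key does not equal the recomputed value, or an anonymous reply carrying no contribution key at all, should be treated as modified rather than used.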