directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xu Yaning (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRKRB-20) Encrypt user keys with server master key
Date Wed, 18 Nov 2015 04:58:10 GMT

    [ https://issues.apache.org/jira/browse/DIRKRB-20?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15010234#comment-15010234
] 

Xu Yaning commented on DIRKRB-20:
---------------------------------

It seems that master is not the krbtgt/Domain@Domain key.

> Encrypt user keys with server master key
> ----------------------------------------
>
>                 Key: DIRKRB-20
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-20
>             Project: Directory Kerberos
>          Issue Type: New Feature
>            Reporter: Enrique Rodriguez
>            Assignee: Enrique Rodriguez
>
> User keys are currently stored in the DIT as plaintext keys, for example, in the krb5key.
 These keys should be encrypted with the server master key.  The server master key should
be stored in the Eve system partition.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message