GnuTLS and RFC2712?

[Simon Josefsson]

All,

Jack and I discussed adding Kerberos ciphers to GnuTLS, using Shishi.
Most likely the implementation would be in libgnutls-extra, since Shishi
is GPLv3.  I think starting with RFC 2712 may be useful, to see that we
understand it, and then proceed implementing some experimental protocol.

Are others interested in this?

Btw, Nikos, do you know if there is any license problem to use GPLv3
code with mod_gnutls?  As far as I understand, GPLv3 is compatible with
the Apache license, even though GPLv2 was not compatible.  But I may
have missed some point.

/Simon

Jack Bates <ms419 at freezone.co.uk> writes:

> Awesome, thanks for your response Simon! I sympathize with your struggle
> to find time, and share your enthusiasm for Kerberos in TLS. I'm excited
> to help however I can. Best wishes, Jack
>
> On Thu, 2008-01-24 at 12:22 +0100, Simon Josefsson wrote:
>> Jack Bates <ms419 at freezone.co.uk> writes:
>> 
>> > Hello Simon, I use your awesome Shishi Kerberos implementation and we
>> > have previously corresponded a bit.
>> >
>> > Please excuse this novice question, but I'm quite interested in using
>> > Shishi with GnuTLS to negotiate TLS connections with Kerberos tickets,
>> > instead of X.509 certificates, OpenPGP keys or SRP passwords. For
>> > instance, I'd like to establish a secure connection with Apache
>> > mod_gnutls and Shishi Kerberos tickets.
>> >
>> > I gather this is the subject of RFC2712? Can you comment on support for
>> > RFC2712 in GnuTLS?
>> 
>> Hi Jack!  Thanks for your interest.  Unfortunately, RFC 2712 is rather
>> broken, firstly it does not offer mutual authentication via Kerberos (no
>> AP-REP), and secondly it does not support modern ciphers (like AES).
>> 
>> I do have plans to implement Kerberos over TLS, either using RFC 2712 or
>> using a new idea based on the PSK ciphersuites -- I would add a new TLS
>> extension to send the Kerberos AP-REQ and AP-REP, and then the PSK
>> ciphersuite would use the derived encryption key as the pre-shared key.
>> 
>> Once GnuTLS supports it, adding support for it in mod_gnutls shouldn't
>> be too hard.
>> 
>> However, to start this, I need help from someone like you who actually
>> have a need to do this, to test early versions of the software and to
>> provide feedback on what works good and what works less good.  I recall
>> someone asking for Kerberos support in GnuTLS earlier, it was on the
>> Debian BTS, but I cannot find it now, and they never responded when I
>> got back to them later on.  I also need to allocate some spare time for
>> the project, which may be tricky, so I can't promise to finish this very
>> soon.  But I very much like to do this, since it ties together two of my
>> projects in a neat way.
>> 
>> Btw, there are efforts in the IETF to replace RFC 2712 with something
>> better, and Microsoft currently has a proposal do add support for
>> GSS-API inside TLS.  However, it hasn't been adopted, and some people
>> seems to dislike the proposal for various reasons.  I think supporting
>> GSS-API in TLS will be complex, so a simpler update of RFC 2712 that
>> uses Kerberos directly, without GSS-API, may have some merit.
>> 
>> /Simon
>> 
>>