1996-03-28 - Re: HP & Export of DCE

Header Data

From: David Weisman <weisman@osf.org>
To: perry@piermont.com
Message Hash: f1da2b3c05ee5308bd2cd0b158823049f0dc1cf3d6f291d0791e53a5f4aa4aa5
Message ID: <9603272147.AA19461@oberon.osf.org.osf.org>
Reply To: <199603271619.LAA08716@homeport.org>
UTC Datetime: 1996-03-28 03:49:17 UTC
Raw Date: Thu, 28 Mar 1996 11:49:17 +0800

Raw message

From: David Weisman <weisman@osf.org>
Date: Thu, 28 Mar 1996 11:49:17 +0800
To: perry@piermont.com
Subject: Re: HP & Export of DCE
In-Reply-To: <199603271619.LAA08716@homeport.org>
Message-ID: <9603272147.AA19461@oberon.osf.org.osf.org>
MIME-Version: 1.0
Content-Type: text/plain

On Wed Mar 27, 1996, Perry E. Metzger wrote:

    Adam Shostack writes:

    > | Adam Shostack writes:
    > | > Well, if Leahy passes, DCE is exportable.

DCE is exported today, although without the ability to encrypt application
traffic.  Authentication and message integrity are in the export version.

    They are attacks against Diffie-Hellman. I don't know if DCE uses D-H
    in a similar manner. The main problem was too small a (fixed) modulus.
DCE RPC uses Kerberos V5 to establish DES session keys.