Subject: Re: Strategy for completion of Kerberos IV integration?
To: None <tls@rek.tjls.com>
From: Ted Lemon <mellon@hoffman.vix.com>
List: current-users
Date: 03/22/1997 23:09:08
> I've seen an at best moderately effective, easily stymied attack which could
> allow one access to the encrypted passwords of recent users.  It doesn't work
> against our KDC (or anyone else's that I know of which is currently
> maintained) now, and hasn't for some time.  Of course, as per the usual, it
> was wildly hyped.  In any event, it required brute-force password guessing,
> and obtaining even the encrypted passwords in question was significantly
> more expensive and scattershot than obtaining the contents of an unprotected
> /etc/passwd file.

Hunh?   The attack I know about that sounds like this is the one where
you request a TGT, and then do a brute force key search to try and
crack it.   Every year, this gets cheaper and easier.   K5 protects
against this.   I think either Matt Blaze or Bellovin and Cheswick did
a paper on this.

I haven't looked at K5 since I left Wells Fargo, so I can neither
confirm nor deny your statements about required patches.   I do agree
that there's a lot of duplicated code, but this just argues for a good
integration.   Doing a good integration would be expensive, but IMHO
it's the only way to go - that's what you're doing with K4 anyway,
isn't it?   K4 is more stable, which makes maintaining the integration
cheaper, but AFAIK that's the only real advantage.

			       _MelloN_