Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 4375] Kerberos PKInit pre authentication type

Date: Fri, 8 Jan 2010 06:14:14 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4375

--- Comment #2 from Ravi Chintakunta <ravi.kanth@xxxxxxxxxxx> 2010-01-08 06:14:13 PST ---
(In reply to comment #1)
> (In reply to comment #0)
> > The pre authentication type for Kerberos PKINIT does not match with
> > http://www.ietf.org/rfc/rfc4556.txt. For example, for 
> > 
> > pa-pk-as-req INTEGER ::=                  16
> > 
> > wireshark displays the data as pa-dass and does not analyze the data correctly.
> 
> 1. There have been some recent updates to the kerberos dissector. 
>    Although this problem sounds different than that reported in Bug #4363, it 
>    would be appreciated if you could download a recent development version of 
>    Wireshark from  http://www.wireshark.org/download/automated/win32/ and
>    verify that the problem still exists.
> 
> 2. If the problem still exists, Can you attach a (small) capture file 
>    showing the problem ??
>    If needed, you can mark the attachment as private.

I have tried the development version Version 1.3.3-SVN-31446 (SVN Rev 31446
from /trunk) and see the same behavior. 

In
http://anonsvn.wireshark.org/viewvc/trunk/asn1/kerberos/packet-kerberos-template.c?view=co&content-type=text%2Fplain
you may see these declarations:

#define KRB5_PA_PK_AS_REQ              14
#define KRB5_PA_PK_AS_REP              15
#define KRB5_PA_DASS                   16

These definitions are in line with:
http://tools.ietf.org/html/draft-ietf-cat-kerberos-pk-init-09

And which have been redefined in:

http://www.ietf.org/rfc/rfc4556.txt

where in PA-PK-AS-REQ = 16 and PA-PK-AS-REP = 17.

Microsoft seems to support both of them:
http://download.microsoft.com/download/a/e/6/ae6e4142-aa58-45c6-8dcf-a657e5900cd3/%5BMS-PKCA%5D.pdf

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.