On Wed, Mar 17, 2004 at 06:20:09PM -0800, Rostislav Krasny wrote: > --- Dag-Erling Sm?rgrav <des@des.no> wrote: > > From the URL you mentioned: "Most applications have no ability to use > > Kerberos ciphersuites and will therefore be unaffected." > > Do you imply that applications with ability to use Kerberos > ciphersuites are impossible to be implemented for current versions of FreeBSD? The text before the above quoted "Most applications have no ability..." read A remote attacker could perform a carefully crafted SSL/TLS handshake against a server configured to use Kerberos ciphersuites [...] Instead of asking about impossibility in the abstract, ask if you do run servers that support Kerberos cipthersuites and, if yes, how to configure your software to not use them. Cheers. -- Ng Pheng Siong <ngps@netmemetic.com> http://firewall.rulemaker.net -+- Firewall Change Management & Version Control http://sandbox.rulemaker.net/ngps -+- Open Source Python Crypto & SSL _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"