RFC Errata
RFC 4757, "The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows", December 2006
Note: This RFC has been updated by RFC 6649
Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec
See Also: RFC 4757 w/ inline errata
Errata ID: 1372
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Kevin Coffman
Date Reported: 2008-03-14
Verifier Name: Sean Turner
Date Verified: 2011-06-01
Section 7.3 says:
    // Generate checksum of message -
    //  SGN_CKSUM + Token.Confounder
    //   Key derivation salt = 15
    Sgn_Cksum = MD5((int32)15, Token.Header, Token.Confounder);
It should say:
    // Generate checksum of message -
    //  SGN_CKSUM + Token.Confounder
    //   Key derivation salt = 13
    Sgn_Cksum = MD5((int32)13, Token.Header, Token.Confounder);
Notes:
The final RFC appears to have a cut-and-paste typo regarding the salt value used when generating the checksum for a WRAP token. The value used for a MIC token is 15; the value used for a WRAP token is 13.
Love Hörnquist Åstrand <lha@kth.se> pointed out that an earlier draft shows the values actually in use:
http://tools.ietf.org/html/draft-brezak-win2k-krb-rc4-hmac-02