krb5-1.3.2 is released

Tom Yu tlyu at MIT.EDU
Thu Feb 26 20:15:12 EST 2004


-----BEGIN PGP SIGNED MESSAGE-----

The MIT Kerberos Team announces the availability of MIT Kerberos 5
Release 1.3.2.  Please see below for a list of some major changes
since krb5-1.3.1, or consult the README file in the source tree for a
more detailed list of significant changes.

RETRIEVING KERBEROS 5 RELEASE 1.3.2
===================================
You may retrieve the Kerberos 5 Release 1.3.2 source from the
following URL:

        http://web.mit.edu/kerberos/dist/

The homepage for the krb5-1.3.2 release is:

        http://web.mit.edu/kerberos/krb5-1.3/

Further information about Kerberos 5 may be found at the following
URL:

        http://web.mit.edu/kerberos/

MAJOR CHANGES SINCE RELEASE 1.3.1
=================================

* Support for AES in GSSAPI has been implemented. This corresponds to
  the in-progress work in the IETF (CFX).

* Added a new ccache type "MSLSA:" for read-only access to the MS
  Windows LSA cache.

* On Windows, krb5.exe now has a checkbox to request addressless
  tickets.

* To avoid compatibility problems, unrecognized TGS options will now
  be ignored.

* 128-bit AES has been added to the default enctypes.

* AES cryptosystem now chains IVs. This WILL break backwards
  compatibility for the kcmd applications, if they are using AES
  session keys.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (SunOS)

iQCVAwUBQD6aI6bDgE/zdoE9AQH+bwQAlC2pvr+DbnYNw8NzlBAng6Hpqf3b5StJ
sZDakTpcOSalnouKv5TxRjLyG9hu9kz7e1Vl1/b9BDU5ROx9yTZnIV5PSxVO8JzR
QjfCM/hp1k+UeEtc81b63Thw//le4PBMc+8NM03Rmyiro4780SXKcbgyV+yF5ijD
Bj8AOFxdc1A=
=uPfm
-----END PGP SIGNATURE-----


More information about the kerberos-announce mailing list