[krbdev.mit.edu #1624] use more secure checksum types

[Ken Raeburn via RT]

By default, we're using the checksum types for kdc_req, ap_req, and
krb_safe messages that are specified in the config file, with some
hard-coded defaults.  The ability to specify them in the config file is
for DCE compatibility.  The problem is, except for the krb_safe one, the
fallbacks are weak, unkeyed types, and we always use them, not just in
conjunction with DES key types.

(a) Can we get rid of the config file specifications altogether, even if
it means losing on compatibility with some versions of DCE (and possibly
not even the latest version)?

(b) Even if we have to keep the config-file stuff, it should only be
used in conjunction with DES key types.

(c) We should consider making the default for DES key types be to use
keyed checksums, too.

This is the full version of the problem we hacked around for ticket 1621
at the last minute for the 1.3 release....