Antwort: Re: Encryption types [Virus checked]

denis.havlik@t-mobile.at denis.havlik at t-mobile.at
Fri Apr 9 05:43:28 EDT 2004


>Make sure that the service principals in the KDC do not contain
>any enctypes other than DES-CBC-CRC or DES-CBC-MD5.  Java cannot
>handle them.

Don't understand this. Aren't client programs supposed to choose the 
encryption types they do understand out of the types that are offered by 
KDC, and negotiate the strongest encryption supported by both KDC and the 
client program?

Is this a bug in java, or have I misunderstood the way kerberos auth. 
works?

regards
        Denis



More information about the Kerberos mailing list