encryption type used by windows client for AS-REQ

Jeffrey Altman jaltman2 at nyc.rr.com
Fri Jun 4 08:38:44 EDT 2004


Lara Adianto wrote:
> My question is: how does the windows kerberos client
> know which encryption type that it must use for the
> encryption of this preauth-data ? As far as I know,
> the default encryption type for windows kerberos is
> RC4-HMAC, but MIT Kerberos only supports DES-CBC-CRC
> and DES-CBC-MD5. So, how does windows kerberos client
> know that it shouldn't use RC4-HMAC ?

In fact, MIT Kerberos 1.3 and higher does support RC4-HMAC.
MIT Kerberos supports the broadest possible set of enctypes
available to ensure interoperability with other implementations.

Jeffrey Altman


More information about the Kerberos mailing list