Interoperability with Microsoft KDC using AES
Ankur Upadhyaya
ankur at ca.ibm.com
Tue May 29 19:26:06 EDT 2007
Based on what I have read so far, I understand that only DES encryption
can be used if client and server principals using MIT Kerberos 5 are to
interoperate with a Microsoft Windows Server 2000 or 2003 Active Directory
KDC.
As of Windows Server 2008, however, Microsoft will support 256-bit AES
encryption for its Kerberos implementation. Does anybody have any
information on whether or not MIT Kerberos 5 principals will be able to
interoperate with this Microsoft KDC using 256-bit AES encryption (or
anything stronger than DES)?
More information about the Kerberos
mailing list