Quick question related to Kerberos + AES256 + SHA2
Simo Sorce
simo at redhat.com
Thu Feb 25 10:39:47 EST 2016
Not that the Kitten WG is working on standardizing new enctypes for AES
+HMAC-SHA2, this is the latest draft:
https://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-09
Although it will take a while before all the most common implementations
will have support for it, and it may never land on older OSs.
Simo.
On Thu, 2016-02-25 at 14:22 +0000, Prashanth Marampally wrote:
> Yep. Got it!
>
> Thanks,
> Prashanth
>
> -----Original Message-----
> From: Rick van Rein [mailto:rick at openfortress.nl]
> Sent: Thursday, February 25, 2016 7:50 PM
> To: Prashanth Marampally
> Cc: kerberos at mit.edu
> Subject: Re: Quick question related to Kerberos + AES256 + SHA2
>
> OK,
>
> Also note that the hash is not SHA1 but HMAC-SHA1, which is much stronger. I didn't make that clear before.
>
> -Rick
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Simo Sorce * Red Hat, Inc * New York
More information about the Kerberos
mailing list