MIT krb5 release 1.18 will remove single-DES support
Greg Hudson
ghudson at mit.edu
Tue May 28 15:01:41 EDT 2019
This is advance notice that the MIT krb5 1.18 release, planned for near
the end of this year, will remove support for the single-DES encryption
types (chiefly des-cbc-crc) and their associated checksum types and salt
types. Setting "allow_weak_crypto = true" will no longer re-enable
single-DES.
If your Kerberos environment still makes use of single-DES, please see
https://web.mit.edu/kerberos/krb5-latest/doc/admin/advanced/retiring-des.html
for documentation on how to transition to the AES encryption types.
_______________________________________________
kerberos-announce mailing list
kerberos-announce at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos-announce
More information about the Kerberos
mailing list