[krbdev.mit.edu #1621] aes checksum types not implemented
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Mon Jun 23 22:57:52 EDT 2003
Apparently the decision is to implement the new checksum types, and
accept them, but not use them by default, because we've got some
crufty code dealing with DCE interoperability that's getting in the
way. It turns out we've been using md5 even with triple-DES, without
realizing it.
Please try out the snapshot that will be generated tonight, or an
updated cvs tree, and let me know if the patches I've checked in work
for you. If so, and assuming no problems come up in our testing (they
shouldn't, because the code I added shouldn't get run), we'll put the
code into 1.3.
Ken
P.S. Is your current AES code available by ftp or anon cvs?
More information about the krb5-bugs
mailing list