GSS-krb5 and enctype lists, revisited

Ken Raeburn raeburn at MIT.EDU
Fri Apr 18 16:53:56 EDT 2003

Steven Michaud <smichaud at> writes:
> The reason I brought the matter up in the first place is that I was
> suprised (and a little shocked) to discover that adding AES to the GSS
> krb5 mech requires a change in an RFC.

Yep.  Which is why we want to do it properly, on standards track, to
handle future encryption types, rather than hack in yet one more
encryption type and then have to extend it again for the next one that
comes along.  And that's the part that's likely to take longer than we
want to wait for the 1.3 release.

More information about the krbdev mailing list