GSS-krb5 and enctype lists, revisited
Sam Hartman
hartmans at MIT.EDU
Fri Apr 18 19:31:21 EDT 2003
>>>>> "Tom" == Tom Yu <tlyu at MIT.EDU> writes:
>>>>> "Sam" == Sam Hartman <hartmans at MIT.EDU> writes:
Sam> Another thing to consider that I don't think I like would be
Sam> to always use default_tkt_enctypes for tgts. I don't
Sam> actually think that makes things simpler or solves any real
Sam> problems.
Tom> For reasons unclear to me, "default_tkt_enctypes" lists the
Tom> enctypes sent in AS-REQ messages only. I don't know if we
Tom> should change that semantic at this late point. One could
Tom> argue that it doesn't serve much purpose other than
Tom> confusion, though.
We had discussed going to the heimdal style where we had a
default_etypes config parameter and combine these too. I do agree
that is too late for 1.3.
More information about the krbdev
mailing list