aes128 vs aes256 ?
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Mon Jan 26 12:52:06 EST 2004
On Mon, 2004-01-26 at 05:40, Sam Hartman wrote:
> I think out of a desire to make sure that people were implementing
> aes256 as that is the mandatory to implement enctype.
>
> Probably we should eventually change the code to allow aes128 by
> default. Let us know if you need this to happen.
Its not critical to me since its easy enough to work around
by setting the list in the krb5.conf file or fixing the
code locally.
Although, supporting 128 bit by default might
be helpful for people with import/export restrictions
since 128 is generally easier to get through than 256.
-Wyllys
More information about the krbdev
mailing list