The NULL Encryption System
hartmans at MIT.EDU
Mon Mar 29 14:57:57 EST 2004
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
Nicolas> Technically it was (and still is) used by some rfc1964
Nicolas> (krb5 gss mech) implementations for "encrypting" the
Nicolas> KRB-CRED encpart; other than this the null enctype has
Nicolas> not been used for anything else, nor should be.
No, if they used the null enctype, then you'd get an EncryptedData
with plaintext as ciphertext; you don't even get that. You get the
encrypted part of the krb_cred structure encoded directly in the place
where you'd expect an EncryptedData.
More information about the krbdev