dbentry_supports_enctype and 1DES enctypes

Jeffrey Altman jaltman at MIT.EDU
Mon Aug 29 23:36:03 EDT 2005


Telnet specifically requests a single DES session key
because the MIT version of Telnet does not support the 3DES TELNET
ENCRYPT option.

Note;  Most people who have implemented 3DES TELNET ENCRYPT
have gotten it wrong and providing support for it will only
result in Telnet connections that do not work.

Instead, if you really want to have strong encryption for Telnet
you should use the TELNET START-TLS option that was implemented
in C-Kermit and the SRP Telnet distribution.

Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2707 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20050829/42aaf4de/attachment.bin

More information about the krbdev mailing list