krbdev Digest, Vol 33, Issue 6
Sam Hartman
hartmans at MIT.EDU
Thu Sep 8 18:19:16 EDT 2005
>>>>> "Henry" == Henry B Hotz <hotz at jpl.nasa.gov> writes:
Henry> On Sep 8, 2005, at 9:02 AM, krbdev-request at mit.edu wrote:
Will> And if the admin is trying to limit the skey enctypes for a
Will> particular service on a particular system, are they supposed
Will> to use the permitted_enctypes krb5.conf parameter? If so,
Will> doesn't this affect all services on that system?
>>
>> Yes. We have not seen a customer need to limit enctypes on a
>> per-service (instead of per-system) basis.
>>
>> Certainly any policy on what the service will accept needs to be
>> validated at the service.
Henry> Example: Solaris 9 machine.
no, this is an example of services that support different enctypes,
not a policy.
The current code supports this.
--Sam
More information about the krbdev
mailing list