Interoperability with Microsoft KDC using AES

Ankur Upadhyaya ankur at
Tue May 29 17:21:30 EDT 2007

Based on what I have read so far, I understand that only DES encryption 
can be used if client and server principals using MIT Kerberos 5 are to 
interoperate with a Microsoft Windows Server 2000 or 2003 Active Directory 

As of Windows Server 2008, however, Microsoft will support 256-bit AES 
encryption for its Kerberos implementation.  Does anybody have any 
information on whether or not MIT Kerberos 5 principals will be able to 
interoperate with this Microsoft KDC using 256-bit AES encryption (or 
anything stronger than DES)?

More information about the krbdev mailing list