raeburn at MIT.EDU
Wed Aug 20 16:20:52 EDT 2008
On Aug 20, 2008, at 16:03, Tom Yu wrote:
> There is some backward compatibility code in the MD5DES and MD4DES
> keyed hash implementation in our crypto library. It appears to allow
> validation of keyed MD5 or MD4 checksums where the sender did not
> include a confounder.
> The name macros controlling this compatibility code imply that they
> were for the "Beta 5" release, which was more than 10 years ago. Does
> anyone still require this compatibility hack?
Perhaps another good question is, does anyone still care about any
sort of backwards compatibility with pre-1.0 releases? I believe at
least one vendor is, or was within the last year or so, still
supporting 1.0.x clients for some customers. But we may still be able
to draw a line at 1.0, if not later....
More information about the krbdev