Initial comments request: AEAD Encryption API

Sam Hartman hartmans at MIT.EDU
Sat Nov 8 17:02:32 EST 2008

>>>>> "Luke" == Luke Howard <lukeh at> writes:

    Luke> On 09/11/2008, at 12:09 AM, Luke Howard wrote:

    >>>> Supporting multiple data chunks that are not block-size
    >>>> aligned is tricky . Is it actually needed?
    >>>  Without a spec, I can only guess that it would be, at least
    >>> for the associated data.
    >>  I think it is fine to support, and in any case likely easier
    >> for the associated data (I'm not aware of any checksum
    >> mechanisms used with Kerberos that require the input data to be
    >> padded).

    Luke> Except for DES-MAC.

I think it's safe to say we only care about des-mac in the GSS case if that.

More information about the krbdev mailing list