allow_weak_enctypes=false and AFS
Russ Allbery
rra at stanford.edu
Wed Jan 20 14:01:23 EST 2010
Greg Hudson <ghudson at mit.edu> writes:
> On Tue, 2010-01-19 at 13:58 -0500, ghudson at MIT.EDU wrote:
>> krb5_error_code krb5_allow_weak_crypto(krb5_context ctx, krb5_boolean enable);
> It's been pointed out that this API doesn't allow the application to
> know the previous state.
> I think that's fine since I'm just trying to solve a specific usability
> issue with aklog. If there are other use cases which would benefit from
> querying the state, I can add a second API to do that. But I'd like to
> know about the use cases first.
Yeah, my inclination would be go just do the simple thing, since in the
long run this hopefully won't be an issue.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the krbdev
mailing list