After RFC 8429: Deprecate Triple-DES (3DES) and RC4 in Kerberos
Greg Hudson
ghudson at mit.edu
Fri Nov 2 23:45:32 EDT 2018
On 11/01/2018 10:30 AM, Weijun Wang wrote:
> Now that RFC 8429 is published and 3DES and RC4 are deprecated, is there any plan to remove them from etype list of KDC-REQ?
For RC4, I would like Microsoft to take the lead. 3DES is our
responsibility, and is probably not in nearly as much use (although I'd
have to at least check if we're still using it internally at MIT), so it
is probably not as painful to deprecate.
There is some ambiguity in how weak an enctype needs to be to qualify
for being affected by allow_weak_crypto. The primary concerns about
des3-cbc-sha1 are its 64-bit block size and the fast speed of its
string-to-key operation; both of these are far less problematic than the
practical ability to recover a random single-DES key. It would also be
a shame if administrators wound up enabling DES in order to make DES3
work (or RC4).
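The situation the message warns about can be shown in configuration terms. Below is an added krb5.conf/kdc.conf example, written for this page and not taken from the message or from the MIT krb5 project: it contrasts an administrator who enables allow_weak_crypto to keep 3DES working (and so re-enables single DES as a side effect) with a configuration that retires des3-cbc-sha1 and arcfour-hmac by listing only AES enctypes, leaving allow_weak_crypto at its default of false. The realm name EXAMPLE.COM and the file paths in the comments are assumptions; the option names and enctype names are the standard MIT krb5 ones.

```ini
# Added example, not part of the original message or of MIT krb5.
# Realm name EXAMPLE.COM is assumed.

# --- /etc/krb5.conf ---------------------------------------------------
# Weak setting (what the message hopes to avoid): to keep an old 3DES/RC4
# deployment working, the admin flips allow_weak_crypto, which also puts
# the single-DES enctypes back into every enctype list.
#
# [libdefaults]
#     allow_weak_crypto = true
#     default_tkt_enctypes = des3-cbc-sha1 arcfour-hmac des-cbc-crc

# Corrected setting: only AES enctypes are offered in AS-REQ/TGS-REQ and
# accepted in replies. allow_weak_crypto stays false, so single DES is
# filtered out regardless of what appears in the lists.
[libdefaults]
    default_realm = EXAMPLE.COM
    allow_weak_crypto = false
    permitted_enctypes   = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
    default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
    default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96

# --- /var/kerberos/krb5kdc/kdc.conf (MIT KDC side) --------------------
# Restrict the long-term keys the KDC creates on principal creation or
# password change to AES, so no new des3 or rc4 keys are minted while the
# old ones are being retired.
[realms]
    EXAMPLE.COM = {
        supported_enctypes = aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal
    }
```

To check the effect on a client, obtain a ticket and run `klist -e`: the "Etype (skey, tkt)" column should show only AES enctypes. Principals that still carry only des3 or rc4 keys will fail to authenticate with this configuration until their keys are regenerated, which is the signal an administrator needs before removing the old enctypes rather than a reason to set allow_weak_crypto.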