Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

krb5.conf manpage update for RFC8009 enctypes #815

Closed
DewayneG opened this issue Sep 5, 2021 · 0 comments
Closed

krb5.conf manpage update for RFC8009 enctypes #815

DewayneG opened this issue Sep 5, 2021 · 0 comments
Assignees
@lhoward

Comments

@DewayneG
Copy link

DewayneG commented Sep 5, 2021

The manpage for krb5.conf contains only enctypes:
des-cbc-crc, des-cbc-md4, des-cbc-md5,
des3-cbc-sha1, arcfour-hmac-md5, aes128-cts-hmac-sha1-96, and
aes256-cts-hmac-sha1-96
while heimdal 7.7.0 clients offer to negotiate additional types
19 hmac-sha256-128-aes128 16 RFC 8009
20 hmac-sha384-192-aes256 24 RFC 8009
per rfc8009.

Would you please update the krb5.conf manpage to include:
aes256-cts-hmac-sha384-192, aes128-cts-hmac-sha256-128
to the existing statement:
"valid encryption types are: des-cbc-crc, des-cbc-md4, des-cbc-
md5, des3-cbc-sha1, arcfour-hmac-md5, aes128-cts-hmac-sha1-96,
and aes256-cts-hmac-sha1-96"

(My thanks to Benjamin Kaduk@FreeBSD for pointing me to both the RFC & to you).
@lhoward lhoward self-assigned this Sep 5, 2021
@lhoward lhoward closed this as completed in c3a5f20 Sep 6, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lhoward lhoward

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lhoward @DewayneG