-
Notifications
You must be signed in to change notification settings - Fork 18
/
INCOMPATIBILITY
19 lines (17 loc) · 984 Bytes
/
INCOMPATIBILITY
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Incompatibility notes:
======================
Currently, all of the MIT implementations of the Kerberos protocol are
not fully compliant with the Kerberos RFC --- specifically, we do not
implement the DES w/ MD5 checksum which is required by the RFC. This
includes the Beta 4 release, although I expect to have this fixed in a
patch release as soon as possible. I believe that we can fix this with
minimal compatibility impacts; vendors contemplating shipment of this
code as product should wait for the patch release or contact us for
futher details.
MIT implementations release Beta 2 and earlier are buggy in that they
incorrectly generate the ASN.1 for a TGS request message. This was
fixed in Beta 3, but the fix causes Beta 2 KDC's to be unable to
respond to Beta 3 and more recent versions due to a checksum error.
The Beta 3 KDC contains backwards compatibility code so that Beta 2
and earlier application programs can continue to work with a Beta 3
and more recent KDC.