>>>>> "Rich" == Rich Johnson <[EMAIL PROTECTED]> writes:
Rich> Does anyone have a summary of the pros and cons of the
Rich> various kerberos encryption types?
des3-hmac-sha1-kd (des3-hmac-sha1 in the MIT implementation): What you
should be using; 168-bit keys, fairly standardized.
des-cbc-crc: What you probably end up using if you want
interoperability or krb4.
There's also RC4 used by Microsoft and des-cbc-md5, which is somewhat
better than des-cbc-crc, but MIT consistently messed up the
implementation.
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
http://mailman.mit.edu/mailman/listinfo/kerberos
