Kerberos does use a modular approach to encryption; the MIt implementation of Kerberos supports des, 3des, rc4 and AES at current writing.
There is also a modular approach for checksums that are used. However, the technology that is used to integrity protect ciphertext is tied to the encryption type. For example, AES always uses sha1-hmac and RC4 always uses md5-hmac. Note that if we needed to use something else with AES we could simply standardize AES with some other MAC as a new encryption type. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos