Quoting < http://web.mit.edu/kerberos/krb5-1.11/doc/admin/advanced/retiring-des.html#the-krbtgt-key-and-kdc-keys> ...
"Since the server that will handle service tickets for this principal is the KDC itself, it is easy to guarantee that it will be configured to support any encryption types which might be selected." Can anyone explain why "des-cbc-crc:normal" is listed as an encryption type for the new krbtgt/ZONE.MIT.EDU key. I cannot find a rationale for it in that page. Cheers, Kenny. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
