On Tue, Nov 22, 2011 at 23:35, Atro Tossavainen <open...@atrotossavainen.fi>wrote:
> If OpenAFS with Kerberos 5 still uses single DES only, how is it > fundamentally better security-wise than using kaserver...? > The Kerberos 4 protocol (including the ancient variant used by kaserver) has significant *structural* security flaws, over and above those related to enctypes. -- brandon s allbery allber...@gmail.com wandering unix systems administrator (available) (412) 475-9364 vm/sms