On 7/30/2013 7:32 PM, Benjamin Kaduk wrote: > On Tue, 30 Jul 2013, Jeffrey Altman wrote: > >> This is an incorrect description. The explicit problem occurs when the >> following combination is true: >> >> 1. user has one or more strong enctype keys with non-default >> password salts >> >> 2. the only keys with default password salts are weak enctypes >> >> 3. preauth is required > > A bit off-topic (and feel free to go off-list), but I'm curious if there > is anything that can be said in general to be a cause for the presence > of non-default salts. > > Thanks, > > Ben
Realm or principal renaming without updating the keys. This is not specific to Heimdal.
smime.p7s
Description: S/MIME Cryptographic Signature
