On Thu, 31 Jul 2014, Jeffrey Altman wrote:
On 7/31/2014 10:18 AM, Brandon Allbery wrote:
On Thu, 2014-07-31 at 16:12 +0200, Martin Richter wrote:
So this means that client caching can't be used anymore after DES has
been removed from the KDC?
No; rxkad-kdf derives a DES key from a stronger key. Also clients still
default to no encryption in the cache manager (fs setcrypt).
This is only true for UNIX cache managers. Windows default to "fs
setcrypt on".
One might ask why we permit such gratuitous behavior differences across
our platforms.
-Ben
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
