[EMAIL PROTECTED] (Sam Hartman) wrote in message news:<[EMAIL PROTECTED]>... > Kerberos does use a modular approach to encryption; the MIt > implementation of Kerberos supports des, 3des, rc4 and AES at current > writing. > > There is also a modular approach for checksums that are used. > > However, the technology that is used to integrity protect ciphertext > is tied to the encryption type. For example, AES always uses > sha1-hmac and RC4 always uses md5-hmac. Note that if we needed to use > something else with AES we could simply standardize AES with some > other MAC as a new encryption type. > > > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos
So it is not possible to combine n MAC vs. M ENC types in a upward compatible manner, right ? ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
