This is advance notice that the MIT krb5 1.18 release, planned for near the end of this year, will remove support for the single-DES encryption types (chiefly des-cbc-crc) and their associated checksum types and salt types. Setting "allow_weak_crypto = true" will no longer re-enable single-DES.
If your Kerberos environment still makes use of single-DES, please see https://web.mit.edu/kerberos/krb5-latest/doc/admin/advanced/retiring-des.html for documentation on how to transition to the AES encryption types. _______________________________________________ kerberos-announce mailing list kerberos-annou...@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos-announce ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos