[OpenAFS] Heimdal KDC bug mentioned in rekeying document

stephen@physics.unc.edu stephen@physics.unc.edu
Thu, 25 Jul 2013 09:11:38 -0400 (EDT)


In the cell rekeying instructions found at 
<http://openafs.org/pages/security/how-to-rekey.txt>, there is a note for 
sites using Heimdal KDCs. It mentions a bug present in "certain versions" 
of the Heimdal KDC software which completely disables DES on the AFS 
service principal when following the document's instructions.

Is more information available about specific versions of the Heimdal KDC 
software which exhibits this bug? The document mentions experimentally 
verifying ticket acquisition, which seems wise. But also knowing the KDC 
versions which have the bug would be beneficial.

Anyone have this info? Should I post to a heimdal list instead?