[OpenAFS-devel] Aklog/krb5 mappings

[Ken Hornstein]

>Okay, I'll shut up now. But I'd like to be able to run an AFS cell with
>absolutely no krb4 tickets used anywhere. I don't want to be surprised
>in 2 months by a brute-force AFS key cracker because the default is to
>leave krb4 enabled. I can deal with the legacy mapping behavior for now.

You're still screwed, unfortunately.  Even today the rxkad2b support
(which uses V5 tickets) only supports single-DES, which is the real
problem.  That doesn't change in a V5-only world.

--Ken