[OpenAFS] Supported enctypes in OpenAFS 1.4.x

Rodney M Dyer rmdyer@uncc.edu
Wed, 30 Aug 2006 10:29:07 -0400

At 09:57 AM 8/30/2006, Jeffrey Altman wrote:
>At the moment the requirement is that the service key and the session
>key be limited to one of the single DES types.  DES-CBC-CRC,
>In some future we will support stronger encryption types.

Exactly what does this "future" depend on:

* Simple developer time to implement?
* Encryption algorithm licensing?
* Encryption algorithm development?
* Does the AFS codebase have a modular encryption scheme where a new 
algorithm can simply be "plugged in"?
* Can you just simply use the prototype encryption algorithms from their 
respective RFCs?
* If you started today on a full time basis, how long do you think it would 
it take to add AES for example?
* Would this also include the implementation time for "fs crypt"?