[OpenAFS] Kerberos 5 encryption types and AFS
Ken Hornstein (Contractor)
kenh@cmf.nrl.navy.mil
Tue, 06 Mar 2007 14:39:54 -0500
>I've also found that if I took a client linked with a Kerberos library
>that didn't understand AES keys (1.2 era), pointed it at a ticket cache
>containing an AES TGT, and asked it to get a service ticket, it would
>fail.
With an AES TGT, or an AES session key as part of the TGT? The latter
would obviously fail; I really thought we had 1.2 era clients with AES
service tickets without any problems, but perhaps my memory is failing
me.
--Ken