[OpenAFS] Kerberos 5 encryption types and AFS

Ken Hornstein (Contractor) kenh@cmf.nrl.navy.mil
Tue, 06 Mar 2007 14:39:54 -0500

>I've also found that if I took a client linked with a Kerberos library
>that didn't understand AES keys (1.2 era), pointed it at a ticket cache
>containing an AES TGT, and asked it to get a service ticket, it would

With an AES TGT, or an AES session key as part of the TGT?  The latter
would obviously fail; I really thought we had 1.2 era clients with AES
service tickets without any problems, but perhaps my memory is failing