[26852] in CVS-changelog-for-Kerberos-V5

home help back first fref pref prev next nref lref last post

krb5 commit: Document preference order of enctypes in krb5.conf

daemon@ATHENA.MIT.EDU (Zhanna A Tsitkova)
Wed Aug 22 13:07:28 2012

Date: Wed, 22 Aug 2012 13:07:25 -0400
From: Zhanna A Tsitkova <tsitkova@mit.edu>
Message-Id: <201208221707.q7MH7PcT002044@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/bbe2600c832bf23c208da30b5f702274bcb08fb1
commit bbe2600c832bf23c208da30b5f702274bcb08fb1
Author: Zhanna Tsitkov <tsitkova@mit.edu>
Date:   Wed Aug 22 13:05:25 2012 -0400

    Document preference order of enctypes in krb5.conf

 doc/rst_source/krb_admins/conf_files/krb5_conf.rst |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
index a790caa..996f93b 100644
--- a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
+++ b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
@@ -157,8 +157,9 @@ The libdefaults section may contain any of the following relations:
 
 **default_tgs_enctypes**
     Identifies the supported list of session key encryption types that
-    should be returned by the KDC.  The list may be delimited with
-    commas or whitespace.  See :ref:`Encryption_and_salt_types` in
+    should be returned by the KDC, in order of preference from
+    highest to lowest.  The list may be delimited with commas or
+    whitespace.  See :ref:`Encryption_and_salt_types` in
     :ref:`kdc.conf(5)` for a list of the accepted values for this tag.
     The default value is |defetypes|, but single-DES encryption types
     will be implicitly removed from this list if the value of
@@ -166,7 +167,8 @@ The libdefaults section may contain any of the following relations:
 
 **default_tkt_enctypes**
     Identifies the supported list of session key encryption types that
-    should be requested by the client.  The format is the same as for
+    should be requested by the client, in order of preference from
+    highest to lowest.  The format is the same as for
     default_tgs_enctypes.  The default value for this tag is
     |defetypes|, but single-DES encryption types will be implicitly
     removed from this list if the value of **allow_weak_crypto** is
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
home help back first fref pref prev next nref lref last post