[36699] in Kerberos
Re: Need info on Kerberos configuration with AES & SHA2
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Fri Jan 2 15:45:21 2015
Date: Fri, 2 Jan 2015 15:45:00 -0500 (EST)
From: Benjamin Kaduk <kaduk@mit.edu>
To: Prashanth Marampally <PMarampally@agiliance.com>
In-Reply-To: <E8B88F60B13F8A45B352646B20CF85BC7DF7FDA5@mbx029-w1-ca-10.exch029.domain.local>
Message-ID: <alpine.GSO.1.10.1501021541560.23489@multics.mit.edu>
MIME-Version: 1.0
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Fri, 2 Jan 2015, Prashanth Marampally wrote:
> Hi,
>
> I am naive to kerberos.
>
> Would like to know whether or not can we configure kerberos 5 with AES &
> SHA2. If yes, please guide me with some articles, documentations etc.
Currently, you cannot.
There is a draft proposal for how such a combination could be done
(https://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-05), but
it is just a draft and has not yet been finalized as an IETF RFC. After
that happens, someone would have to actually implement the proposal in a
kerberos library.
-Ben Kaduk
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
