[2499] in Kerberos-V5-bugs
krb5-libs/231: Triple-DES should be disabled
daemon@ATHENA.MIT.EDU (tytso@MIT.EDU)
Fri Nov 22 21:00:07 1996
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, tytso@MIT.EDU
Date: Fri, 22 Nov 1996 20:59:37 -0500
From: tytso@MIT.EDU
Reply-To: tytso@MIT.EDU
To: krb5-bugs@MIT.EDU
>Number: 231
>Category: krb5-libs
>Synopsis: Triple-DES should be disabled
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Nov 22 21:00:01 EST 1996
>Last-Modified:
>Originator: Theodore Y. Ts'o
>Organization:
mit
>Release: 1.0-development
>Environment:
System: SunOS dcl 5.4 Generic_101945-37 sun4m sparc
>Description:
Triple DES should be disabled for the 1.0 release, since the code we
have is nothing like how it will be done for Real. In fact, we may not want
to distribute the Triple DES directories. The same goes for the
SHA hash algorithm, although I think that's much less likely to change....
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
