[1174] in Kerberos_V5_Development
New cksumtype split (safe_cksum vs. req_cksum)
daemon@ATHENA.MIT.EDU (Richard Basch)
Wed May 15 01:53:59 1996
Date: Wed, 15 May 1996 01:52:23 -0400
To: tytso@MIT.EDU, krbdev@MIT.EDU
From: "Richard Basch" <basch@lehman.com>
The initialization of the checksum types does not easily permit the
specification of checksum types per enctype being used. For instance,
when I have des3-sha enabled, I want it to be using sha & hmac-sha, not
md5. The initialization code seems to read in only one integer, instead
of a list of enctype/cksum mappings... Of course, I also don't expect
if I set it to using sha all the time that the services that only have a
des key registered necessarily have been updated to know anything but
md5 or crc.
Btw, other than that, des3 works like a champ -- although I wouldn't
count on the algorithm not changing again... However, this time, I
expect there to only be minor changes, now that it has received so much
review.
Richard Basch
Sr. Developer/Analyst URL: http://web.mit.edu/basch/www/home.html
Lehman Brothers, Inc. Email: basch@lehman.com, basch@mit.edu
101 Hudson St., 33rd Floor Fax: +1-201-524-5828
Jersey City, NJ 07302-3988 Voice: +1-201-524-5049
