RFR 8186831: Kerberos ignores PA-DATA with a non-null s2kparams
Weijun Wang
weijun.wang at oracle.com
Fri Sep 8 01:36:30 UTC 2017
According to https://tools.ietf.org/html/rfc4120#section-3.1.3:
A "newer" enctype is any enctype first officially
specified concurrently with or subsequent to the issue of this RFC.
The enctypes DES, 3DES, or RC4 and any defined in [RFC1510] are not
"newer" enctypes.
I'll add a link and rename it to isNewer().
Thanks
Max
> On Sep 8, 2017, at 9:30 AM, Xuelei Fan <Xuelei.Fan at Oracle.Com> wrote:
>
> Looks fine to me.
>
> A minor comment about the method name "isNew", i'm not very sure what does it means. I would add comments about what the "new" refers to.
>
> Xuelei
>
>> On Aug 28, 2017, at 11:12 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>
>> Please review the fix at
>>
>> http://cr.openjdk.java.net/~weijun/8186831/webrev.00/
>>
>> This is an old bug that is about to bite us soon.
>>
>> Thanks
>> Max
>>
>
More information about the security-dev
mailing list