RFR: 8139348: Deprecate 3DES and RC4 in Kerberos
Weijun Wang
weijun at openjdk.java.net
Wed Feb 24 21:40:45 UTC 2021
On Wed, 24 Feb 2021 21:28:41 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Deprecate des3-hmac-sha1 (etype 16) and rc4-hmac (etype 23). User can add "allow_weak_crypto = true" in krb5.conf to re-enable them (plus the DES-based etypes deprecated long ago).
>
> test/jdk/sun/security/krb5/auto/NewSalt.java line 26:
>
>> 24: /*
>> 25: * @test
>> 26: * @bug 6960894 8194486 8139348
>
> I don't know if there are any rules or best practices about this, but I usually don't put a bugid on a test if it isn't specifically testing what this bug is about.
OK, I'll remove it.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2701
More information about the security-dev
mailing list