RFR: 8139348: Deprecate 3DES and RC4 in Kerberos [v2]

Sean Mullan mullan at openjdk.java.net
Thu Feb 25 13:43:42 UTC 2021


On Wed, 24 Feb 2021 22:25:52 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Deprecate des3-hmac-sha1 (etype 16) and rc4-hmac (etype 23). User can add "allow_weak_crypto = true" in krb5.conf to re-enable them (plus the DES-based etypes deprecated long ago).
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
> 
>   test updates

Marked as reviewed by mullan (Reviewer).

test/jdk/sun/security/krb5/auto/W83.java line 26:

> 24: /*
> 25:  * @test
> 26:  * @bug 6932525 6951366 6959292 8194486 8139348

I don't think you should add the bugid here since it isn't really about testing this change.

-------------

PR: https://git.openjdk.java.net/jdk/pull/2701



More information about the security-dev mailing list