RFR: 8139348: Deprecate 3DES and RC4 in Kerberos [v3]

Weijun Wang weijun at openjdk.java.net
Thu Feb 25 14:34:00 UTC 2021


> Deprecate des3-hmac-sha1 (etype 16) and rc4-hmac (etype 23). User can add "allow_weak_crypto = true" in krb5.conf to re-enable them (plus the DES-based etypes deprecated long ago).

Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:

  no need to mention unrelated bug

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/2701/files
  - new: https://git.openjdk.java.net/jdk/pull/2701/files/146bc47a..0e7a61dd

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=2701&range=02
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=2701&range=01-02

  Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
  Patch: https://git.openjdk.java.net/jdk/pull/2701.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/2701/head:pull/2701

PR: https://git.openjdk.java.net/jdk/pull/2701



More information about the security-dev mailing list