On Thu, Mar 31, 2011 at 5:43 PM, Luke Howard <[email protected]> wrote: > The problem with this approach is that we end up reimplementing RFC 3961. > It's possible now to build an enctype-agnostic implementation, and this > would make that harder, at least with the APIs provided by shipping Kerberos > implementations.
I don't follow. A hash algorithm would be used entirely outside the RFC3961 framework, and the MIC would be the same that the mechanism surely must already support. Nico -- _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
