John Washington <[EMAIL PROTECTED]> writes: > I would definitely add aes128-cts-hmac-sha1-96 and > aes256-cts-hmac-sha1-96, as Microsoft is adding these to AD (and I > prefer good encryption, not really broken encryption)
Is there any reason to add the 128-bit keys? So far, it seems like everyone who can do 128-bit can also do 256-bit, but maybe that isn't true of the upcoming Windows release? (They're both equally export-controlled, so far as I know.) -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
