I have an update. :) I've spoken with everyone I could find who deals with user configurations which may include these cipher suites, and they all agree that users are no longer using TLS KRB5 and that it is no longer recommended either. So, from our perspective, it would be OK to drop these after all.
On Wed, Feb 21, 2018 at 9:32 AM, Xuelei Fan <xuelei....@oracle.com> wrote: > Thanks for the feed back. It's good enough to get KRB5 cipher suites back. > > Regards, > Xuelei > > > On 2/21/2018 5:06 AM, David Lloyd wrote: >> >> On Tue, Feb 20, 2018 at 1:57 PM, Xuelei Fan <xuelei....@oracle.com> wrote: >>> >>> In this implementation, I removed: >>> 1. the KRB5 cipher suite implementation. >>> Please let me know if you are still using KRB5 cipher suite. I may not >>> add >>> them back if no objections. >> >> >> I am given to understand that we have multiple users using the KRB5 >> cipher suite. >> > -- - DML