Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6844909

support allow_weak_crypto in krb5.conf

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 7
    • Fix Version/s: 7
    • Component/s: security-libs
    • Labels:
      None

      Description

      Latest MIT krb5 supports a allow_weak_crypto key in krb5.conf, when set to true, disallows DES be used in all kinds of etypes. We can support it also.

      Currently, MIT krb5's default value for this key is false, but it might become true one day.
      In MIT krb5 1.8, the default value becomes false. For compatibility reasons (which we always care most), we still choose true.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                weijun Weijun Wang
                Reporter:
                weijun Weijun Wang
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: