svn commit: r348875 - head/sys/kgssapi/krb5
John Baldwin
jhb at FreeBSD.org
Mon Jun 10 19:28:51 UTC 2019
On 6/10/19 12:22 PM, John Baldwin wrote:
> Author: jhb
> Date: Mon Jun 10 19:22:36 2019
> New Revision: 348875
> URL: https://svnweb.freebsd.org/changeset/base/348875
>
> Log:
> Add warnings for Kerberos GSS algorithms deprecated in RFCs 6649 and 8429.
>
> All of these algorithms are explicitly marked SHOULD NOT in one of these
> RFCs.
>
> Specifically, RFC 6649 deprecates all algorithms using DES as well as
> the "export-friendly" variant of RC4. RFC 8429 deprecates Triple DES
> and the remaining RC4 algorithms.
>
> Reviewed by: cem
> MFC after: 1 month
> Sponsored by: Chelsio Communications
> Differential Revision: https://reviews.freebsd.org/D20343
Bah, missed Relnotes: yes
The long MFC timer is because I haven't run-tested this yet as when I sat down to
look at what it would take to setup GSSAPI with NFS and Kerberos it seemed a bit
of a daunting task. As such, I don't think it makes sense to rush into 11.3.
--
John Baldwin
More information about the svn-src-all
mailing list