[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: aes256-cts-hmac-sha1-96 support in Heimdal 0.6.2

To: Karsten Künne <karsten.kuenne@desy.de>
Subject: Re: aes256-cts-hmac-sha1-96 support in Heimdal 0.6.2
From: Love <lha@stacken.kth.se>
Date: Thu, 05 Aug 2004 12:54:54 +0200
Cc: heimdal-discuss@sics.se
In-Reply-To: <200408031157.02570.karsten.kuenne@desy.de> (KarstenKünne's message of "Tue, 3 Aug 2004 11:57:02 -0400")
References: <200407291759.26428.karsten.kuenne@desy.de><am1xio4hli.fsf@nutcracker.stacken.kth.se><200408031157.02570.karsten.kuenne@desy.de>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)


Karsten Künne <karsten.kuenne@desy.de> writes:

> But I compiled heimdal with the following flags:
>
> CFLAGS=-xbuiltin=%all -xlibmil -xO2 -xtarget=ultra -xarch=v8plusa -mt 
> -D_REENTRANT -KPIC -DENABLE_AES=1

That would explain it.

> But it looks like I have to wait for 0.7 for AES support, right?

Yes.

> I'll probably try a snapshot but not for our production server for
> obvious reasons.  Fortunately, I can always force MIT to use 3DES and not
> AES and then it interops fine with heimdal. But it's certainly nicer if
> it works out-of-the-box without additional configuration.

I'm running current on one of my production KDC, it have been serving 2M
requests this two last months without any problems.

Love

PGP signature

References:
- Re: aes256-cts-hmac-sha1-96 support in Heimdal 0.6.2
  - From: Love <lha@stacken.kth.se>
- Re: aes256-cts-hmac-sha1-96 support in Heimdal 0.6.2
  - From: Karsten Künne <karsten.kuenne@desy.de>

Prev by Date: Re: Storing entries in several levels
Next by Date: Results from my request for testimonials
Prev by thread: Re: aes256-cts-hmac-sha1-96 support in Heimdal 0.6.2
Next by thread: Kerberos/LDAP/SASL central authentication server howto
Index(es):
- Date
- Thread