Date: Mon, 10 Jun 2019 12:28:48 -0700 From: John Baldwin <jhb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r348875 - head/sys/kgssapi/krb5 Message-ID: <b65ff86e-1399-ced7-df12-1d823c23da87@FreeBSD.org> In-Reply-To: <201906101922.x5AJMa3P015444@repo.freebsd.org> References: <201906101922.x5AJMa3P015444@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6/10/19 12:22 PM, John Baldwin wrote: > Author: jhb > Date: Mon Jun 10 19:22:36 2019 > New Revision: 348875 > URL: https://svnweb.freebsd.org/changeset/base/348875 > > Log: > Add warnings for Kerberos GSS algorithms deprecated in RFCs 6649 and 8429. > > All of these algorithms are explicitly marked SHOULD NOT in one of these > RFCs. > > Specifically, RFC 6649 deprecates all algorithms using DES as well as > the "export-friendly" variant of RC4. RFC 8429 deprecates Triple DES > and the remaining RC4 algorithms. > > Reviewed by: cem > MFC after: 1 month > Sponsored by: Chelsio Communications > Differential Revision: https://reviews.freebsd.org/D20343 Bah, missed Relnotes: yes The long MFC timer is because I haven't run-tested this yet as when I sat down to look at what it would take to setup GSSAPI with NFS and Kerberos it seemed a bit of a daunting task. As such, I don't think it makes sense to rush into 11.3. -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b65ff86e-1399-ced7-df12-1d823c23da87>