[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: aes256-cts-hmac-sha1-96 support in Heimdal 0.6.2

Karsten Künne <karsten.kuenne@desy.de> writes:

> But I compiled heimdal with the following flags:
> CFLAGS=-xbuiltin=%all -xlibmil -xO2 -xtarget=ultra -xarch=v8plusa -mt 

That would explain it.

> But it looks like I have to wait for 0.7 for AES support, right?


> I'll probably try a snapshot but not for our production server for
> obvious reasons.  Fortunately, I can always force MIT to use 3DES and not
> AES and then it interops fine with heimdal. But it's certainly nicer if
> it works out-of-the-box without additional configuration.

I'm running current on one of my production KDC, it have been serving 2M
requests this two last months without any problems.


PGP signature