Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8273670 Remove weak etypes from default krb5 etype list
  3. JDK-8274209

Release Note: Removed Weak etypes From Default krb5 etype List

    XMLWordPrintable

Details

    Description

      Weak encryption types based on DES, 3DES, and RC4 have been removed from the default encryption types list in Kerberos. These weak encryption types can be enabled (at your own risk) by adding them to the "permitted_enctypes" property (or alternatively, the "default_tkt_enctypes" or "default_tgt_enctypes" properties) and setting "allow_weak_crypto" to "true" in the `krb5.conf` configuration file.

      Attachments

        Activity

          People

            weijun Weijun Wang
            weijun Weijun Wang
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: