Hai Zaar wrote:
I'm using cyrus SASL with openldap. I've noticed, that SASL always returns ssf=56 for GSSAPI, however ethereal shows that underlying kerberos traffic is encrypted with aes256-cts-hmac-sha1-96 Is that on purpose?
No.As far as I know there is no portable way to extract strength of the strongest cipher from GSSAPI.
Let me know if I am wrong.
P.S. I'm not on the list, so please CC me.
