Hello, On 03/19/2012 09:00 AM, Michael Weiser wrote: > Hello Kevin, > Hello list, > > On Wed, Mar 14, 2012 at 02:48:29PM +0100, Michael Weiser wrote: > >> So the client's ticket for the server is encrypted using arcfour-hmac >> but the session key contained therein is only des-cbc-crc. > >> This behaviour works so seamlessly, that I had assumed, it's intentional. >> Are you telling me, that it is neither intended nor supported? > >> If so: Isn't this something we'd want to have? I accept that it's not >> much use from an interoperability point of view but it sure simplifies >> administration in a Linux-only environment. Doesn't this also have at >> least some positive security impact? And as I've said, it greatly >> simplifies Linux admins' life in an Active Directory 2008 R2+ >> environment where AD administrators will be very reluctant to change the >> domain security policy for those obscure Linux boxes. > > Any thoughts on this, anyone? The fact you are making it simpler for admins is a good thing IMHO... > > If nobody objects, I'd resubmit my patch to gssd with some cleanup and > documentation.\ No, Please do... steved. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
