Kerberos Client E.1.6.2.04 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX Kerberos Data Security Software

Table 1-3 Encryption Types supported by Kerberos Client E.1.6.2.04 (continued)

DescriptionEncryption Type

ArcFour with HMAC/md5arcfour-hmac

ArcFour with HMAC/md5

This encryption type is an alias to the arcfour-hmac encryption type. If

you specify rc4-hmac in the configuration file, then it’s behavior is the

same as arcfour-hmac.

rc4-hmac

ArcFour with HMAC/md5

This encryption type is an alias to the arcfour-hmac encryption type. If

you specify arcfour-hmac-md5 in the configuration file, then it’s behavior

is the same as arcfour-hmac.

arcfour-hmac-md5

Exportable ArcFour with HMAC/md5arcfour-hmac-exp

Exportable ArcFour with HMAC/md5

This encryption type is an alias to the arcfour-hmac-exp encryption

type. If you specify rc4-hmac-exp in the configuration file, then it’s

behavior is the same as arcfour-hmac-exp.

rc4-hmac-exp

Exportable ArcFour with HMAC/md5

This encryption type is an alias to the arcfour-hmac-exp encryption

type. If you specify arcfour-hmac-md5-exp in the configuration file,

then it’s behavior is the same as arcfour-hmac-exp.

arcfour-hmac-md5-exp

AES-128 CTS mode with 96-bit SHA-1 HMACaes128-cts-hmac-sha1-96

AES-128 CTS mode with 96-bit SHA-1 HMAC

This encryption type is an alias to the aes128-cts-hmac-sha1-96

encryption type. If you specify aes128-cts in the configuration file, then

it’s behavior is the same as aes128-cts-hmac-sha1-96.

aes128-cts

AES-256 CTS mode with 96-bit SHA-1 HMACaes256-cts-hmac-sha1-96

AES-256 CTS mode with 96-bit SHA-1 HMAC

This encryption type is an alias to the aes256-cts-hmac-sha1-96

encryption type. If you specify aes256-cts in the configuration file, then

it’s behavior is the same as aes256-cts-hmac-sha1-96.

aes256-cts

What Is New in This Version

Kerberos Client E.1.6.2.04 is a defect-fix release and does not contain any new features. For more

information on the defects fixed in this release, see “Defect Fixes in This Version”.

Kerberos Client E.1.6.2.04 includes the following new features introduced in E.1.6.2:

• Provides thread safety for Kerberos libraries

• Provides the following new client commands:

— Command for copying service ticket between credential caches - kcpytkt

— Command for deleting service ticket from the credential cache - kdeltkt

• Provides the following new functions, which are needed for NFSv4:

— The gss_krb5_set_allowable_enctypes() function

— The gss_krb5_export_lucid_sec_context() function

• Provides a plug-in architecture that allows for extension modules to be loaded at run-time

• Partial client implementation to handle server name referrals

What Is New in This Version 9