Received: from biscayne-one-station.mit.edu (BISCAYNE-ONE-STATION.MIT.EDU [18.7.7.80]) by krbdev.mit.edu (8.12.9) with ESMTP id l3UGTTL8008283; Mon, 30 Apr 2007 12:29:29 -0400 (EDT) Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by biscayne-one-station.mit.edu (8.13.6/8.9.2) with ESMTP id l3UGTN6M024826 for ; Mon, 30 Apr 2007 12:29:23 -0400 (EDT) Received: from cathode-dark-space.mit.edu (CATHODE-DARK-SPACE.MIT.EDU [18.18.1.96]) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id l3UGTMpF017225 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 30 Apr 2007 12:29:23 -0400 (EDT) Received: (from tlyu@localhost) by cathode-dark-space.mit.edu (8.12.9.20060308) id l3UGTMpn010371; Mon, 30 Apr 2007 12:29:22 -0400 (EDT) To: rt@krbdev.mit.edu Subject: Re: [krbdev.mit.edu #5550] krb5_set_default_tgs_enctypes does not work in Kerberos 1.6 References: From: Tom Yu Date: Mon, 30 Apr 2007 12:29:22 -0400 In-Reply-To: (Sam Hartman via's message of "Mon, 30 Apr 2007 04:07:34 -0400 (EDT)") Message-ID: Lines: 10 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Scanned-BY: MIMEDefang 2.42 X-Spam-Flag: NO X-Spam-Score: 0.00 RT-Send-Cc: X-RT-Original-Encoding: us-ascii Content-Length: 407 >>>>> "Sam" == Sam Hartman via RT writes: Sam> You need to somehow order the enctypes though so that enctypes that Sam> end up in the restricted application set come first (and in their Sam> order) when using conf_ktypes. Sam> If you do that, this sounds reasonable. Are you suggesting this as an alternative to repeating the request for the final ticket using conf_ktypes=0?