Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 563

Surprisingly enough, still a bug, though the error message is less
cryptic  these days.  Basically the kdb_init_hist() in
lib/kadm5/srv/server_kdb.c expects that the history principal has a key
of the same enctype as the master key, which isn't necessarily the case,
especially where master_key_enctype is not in supported_enctypes.  The
process of creating the history principal uses supported_enctypes, just
like all of libkadm5's principal creations do by default.

The creation of the history principal should probably explicitly use the
master key's enctype.