JDK-6844909 : support allow_weak_crypto in krb5.conf
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: org.ietf.jgss:krb5
  • Affected Version: 7
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2009-05-26
  • Updated: 2013-04-19
  • Resolved: 2010-03-17
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
7 b86Fixed
Related Reports
Relates :  
Latest MIT krb5 supports a allow_weak_crypto key in krb5.conf, when set to true, disallows DES be used in all kinds of etypes. We can support it also.

Currently, MIT krb5's default value for this key is false, but it might become true one day.
In MIT krb5 1.8, the default value becomes false. For compatibility reasons (which we always care most), we still choose true.

EVALUATION http://hg.openjdk.java.net/jdk7/tl/jdk/rev/61c298558549