Triple-DES Support for the Kerberos 5 GSSAPI Mechanism

Document Type Expired Internet-Draft (individual)
Author Kenneth Raeburn 
Last updated 2000-11-29
Stream (None)
Intended RFC status (None)
Expired & archived
plain text htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The GSSAPI Kerberos 5 mechanism definition [GSSAPI-KRB5] specifically enumerates encryption and checksum types, independently of how such schemes may be used in Kerberos. In the long run, a new Kerberos- based mechanism, which does not require separately enumerating for the GSSAPI mechanism each of the various encryption types defined by Kerberos, is probably a better approach. Various people have expressed interest in designing one, but the work has not yet been completed.


Kenneth Raeburn (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)