Package: libkrb5-3 Version: 1.17-4 Severity: normal Tags: patch upstream Hi Sam, Ben, Russ,
I really appreciate your assistance in backporting the 1DES-removal patchset. I wanted to make sure you were aware of [1]: this fixes a bug where having an invalid enctype in a keytab would cause credential acquisition from the keytab to fail. This becomes a problem because the 1DES enctypes are considered "invalid" after their removal. Hopefully this doesn't actually affect anyone. (I only found it because I removed 3DES as well in Fedora, which seems to be more common.) Thanks, --Robbie 1: https://github.com/krb5/krb5/pull/952/commits/38be1a0a31a6104cdf8c8d72828905775f6d6636
