From de2def41152ce767eabdbca801207438eb3b234d Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Thu, 16 Jun 1994 06:03:47 +0000 Subject: [PATCH] Added file documenting incompatibility problems with previous versions of Kerberos. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3846 dc483132-0cff-0310-8789-dd5450dbe970 --- doc/INCOMPATIBILITY | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 doc/INCOMPATIBILITY diff --git a/doc/INCOMPATIBILITY b/doc/INCOMPATIBILITY new file mode 100644 index 000000000..fdb377e16 --- /dev/null +++ b/doc/INCOMPATIBILITY @@ -0,0 +1,19 @@ +Incompatibility notes: +====================== + +Currently, all of the MIT implementations of the Kerberos protocol are +not fully compliant with the Kerberos RFC --- specifically, we do not +implement the DES w/ MD5 checksum which is required by the RFC. This +includes the Beta 4 release, although I expect to have this fixed in a +patch release as soon as possible. I believe that we can fix this with +minimal compatibility impacts; vendors contemplating shipment of this +code as product should wait for the patch release or contact us for +futher details. + +MIT implementations release Beta 2 and earlier are buggy in that they +incorrectly generate the ASN.1 for a TGS request message. This was +fixed in Beta 3, but the fix causes Beta 2 KDC's to be unable to +respond to Beta 3 and more recent versions due to a checksum error. +The Beta 3 KDC contains backwards compatibility code so that Beta 2 +and earlier application programs can continue to work with a Beta 3 +and more recent KDC. -- 2.26.2