This issue was a major focus of discussion at today's release meeting for MIT Kerberos upstream.
The consortium plans to: 1) Introduce a new API to enable weak crypto for a given context. This API will not be the same as the Heimdal API for implementation complexity reasons. 2) Look into logging and returning a better error for the case when the client's enctypes do not overlap with the service's enctypes. --Sam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
