freeipa

IntenseWebs/freeipa

Fork 0

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Commit Graph

Author	SHA1	Message	Date
Christian Heimes	3509545897	Require a minimum SASL security factor of 56 SSF_MINX 56 level ensures data integrity and confidentiality for SASL GSSAPI and SASL GSS SPNEGO connections. Although at least AES128 is enforced pretty much everywhere, 56 is required for backwards compatibility with systems that announce wrong SSF. Related: https://pagure.io/freeipa/issue/7140 Related: https://pagure.io/freeipa/issue/4580 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Tibor Dudlak <tdudlak@redhat.com>	2019-04-03 15:16:21 +02:00

Author

SHA1

Message

Date

Christian Heimes

3509545897

Require a minimum SASL security factor of 56

SSF_MINX 56 level ensures data integrity and confidentiality for SASL
GSSAPI and SASL GSS SPNEGO connections.

Although at least AES128 is enforced pretty much everywhere, 56 is required
for backwards compatibility with systems that announce wrong SSF.

Related: https://pagure.io/freeipa/issue/7140
Related: https://pagure.io/freeipa/issue/4580
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Tibor Dudlak <tdudlak@redhat.com>

2019-04-03 15:16:21 +02:00

1 Commits