[RHEL-84872] [DEV Task]: Disallow use of RC4 for session keys by default - Red Hat Issue Tracker

Type: Task
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: krb5
Labels:
- commit
- dev_task

sprint_count:
2

Pool Team:

rhel-sst-idm-ipa
Sub-System Group:

ssg_idm

Sprint:
2025-Q1-Bravo-S6, 2025-Q2-Bravo-S1
Story Points:
5
Blocked:
False
Blocked Reason:

Hide

None

Show
None

An change was mad upstream to disallow use of RC4 by default (an additional configuration parameter has to be set to allow it):
https://github.com/krb5/krb5/commit/1b57a4d134bbd0e7c52d5885a92eccc815726463

This restriction is also part of MS-KILE:
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/6cfc7b50-11ed-4b4d-846d-6f08f0812919

This change was reverted to avoid conflicts with the crypto-policy system. But it may still be needed for restricting use of RC4 for session keys specifically.

split from

RHEL-84719 Disallow use of RC4 for session keys by default [rhel-10]

In Progress

Assignee:: Julien Rische

Reporter:: RHEL Jira bot

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2025/03/25 2:44 PM

Updated:: 2025/04/10 9:37 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide