SASL always returns ssf=56 for GSSAPI
Alexey Melnikov
alexey.melnikov at isode.com
Thu Sep 21 13:06:57 EDT 2006
Hai Zaar wrote:
> I'm using cyrus SASL with openldap.
>
> I've noticed, that SASL always returns ssf=56 for GSSAPI, however
> ethereal shows that underlying kerberos traffic is encrypted with
> aes256-cts-hmac-sha1-96
>
> Is that on purpose?
No.
As far as I know there is no portable way to extract strength of the
strongest cipher from GSSAPI.
Let me know if I am wrong.
> P.S. I'm not on the list, so please CC me.
More information about the Cyrus-sasl
mailing list