This document specifies two encryption types and two corresponding checksum
types for Kerberos 5. The new types use AES in CTS mode (CBC mode with
ciphertext stealing) for confidentiality and HMAC with a SHA-2 hash for
This document is a product of the Common Authentication Technology Next Generation Working Group of the IETF.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
Requests for special distribution should be addressed to either the
author of the RFC in question, or to [hidden email]. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
The RFC Editor Team
Association Management Solutions, LLC