It's broken that krb5 encryption is a compile time flag rather than a
dumptype option. With 2.4 and krb4, it's a dumptype option. I fixed
2.5's krb4 encryption, but I think by leaving it on always, and my fuzzy
memory is that adding it on a per-dumptype basis required adding it to
the protocol.
AES should be a lot faster than 3DES.
|