diff options
author | Ben Kaduk <kaduk@mit.edu> | 2013-05-31 12:48:46 -0400 |
---|---|---|
committer | Ben Kaduk <kaduk@mit.edu> | 2013-05-31 13:09:45 -0400 |
commit | 2a10e19e19c65af0e3890bdeae03c37089ef02ea (patch) | |
tree | 1db54e1712083c96315075c5681190378d50d761 /doc/admin | |
parent | fa6de1bf73926751a2f68bff31ef020eb7db9260 (diff) | |
download | krb5-2a10e19e19c65af0e3890bdeae03c37089ef02ea.tar.gz krb5-2a10e19e19c65af0e3890bdeae03c37089ef02ea.tar.xz krb5-2a10e19e19c65af0e3890bdeae03c37089ef02ea.zip |
Clean up dangling antecedent in allow_weak_crypto
The "previous three lists" are not previous any more.
Say explicitly which three lists, and make the parenthetical bind
to the correct noun.
ticket: 7655 (new)
tags: pullup
target_version: 1.11.4
Diffstat (limited to 'doc/admin')
-rw-r--r-- | doc/admin/conf_files/krb5_conf.rst | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst index f2f22afa4e..4f88c55662 100644 --- a/doc/admin/conf_files/krb5_conf.rst +++ b/doc/admin/conf_files/krb5_conf.rst @@ -99,12 +99,12 @@ Additionally, krb5.conf may include any of the relations described in The libdefaults section may contain any of the following relations: **allow_weak_crypto** - If this flag is set to false, then weak encryption types will be - filtered out of the previous three lists (as noted in - :ref:`Encryption_and_salt_types` in :ref:`kdc.conf(5)`). The - default value for this tag is false, which may cause - authentication failures in existing Kerberos infrastructures that - do not support strong crypto. Users in affected environments + If this flag is set to false, then weak encryption types (as noted in + :ref:`Encryption_and_salt_types` in :ref:`kdc.conf(5)`) will be filtered + out of the lists **default_tgs_enctypes**, **default_tkt_enctypes**, and + **permitted_enctypes**. The default value for this tag is false, which + may cause authentication failures in existing Kerberos infrastructures + that do not support strong crypto. Users in affected environments should set this tag to true until their infrastructure adopts stronger ciphers. |