2004-06-29 2012-04-06 Standards Action or Expert Review These are signed values ranging from -2147483648 to 2147483647. Positive values should be assigned only for algorithms specified in accordance with this specification for use with Kerberos or related protocols. Negative values are for private use; local and experimental algorithms should use these values. Zero is reserved and may not be assigned. 0 reserved 1 des-cbc-crc 2 des-cbc-md4 3 des-cbc-md5 4 Reserved 5 des3-cbc-md5 6 Reserved 7 des3-cbc-sha1 8 Unassigned 9 dsaWithSHA1-CmsOID 10 md5WithRSAEncryption-CmsOID 11 sha1WithRSAEncryption-CmsOID 12 rc2CBC-EnvOID 13 rsaEncryption-EnvOID from PKCS#1 v1.5] 14 rsaES-OAEP-ENV-OID from PKCS#1 v2.0] 15 des-ede3-cbc-Env-OID 16 des3-cbc-sha1-kd 17 aes128-cts-hmac-sha1-96 18 aes256-cts-hmac-sha1-96 19-22 Unassigned 23 rc4-hmac 24 rc4-hmac-exp 25-64 Unassigned 65 subkey-keymaterial (opaque; PacketCable) 66-2147483647 Unassigned Standards Action or Expert Review These are signed values ranging from -2147483648 to 2147483647. Positive values should be assigned only for algorithms specified in accordance with this specification for use with Kerberos or related protocols. Negative values are for private use; local and experimental algorithms should use these values. Zero is reserved and may not be assigned. 0 Reserved 1 CRC32 4 2 rsa-md4 16 3 rsa-md4-des 24 4 des-mac 16 5 des-mac-k 8 6 rsa-md4-des-k 16 7 rsa-md5 16 8 rsa-md5-des 24 9 rsa-md5-des3 24 10 sha1 (unkeyed) 20 11 Unassigned 12 hmac-sha1-des3-kd 20 13 hmac-sha1-des3 20 14 sha1 (unkeyed) 20 15 hmac-sha1-96-aes128 20 16 hmac-sha1-96-aes256 20 17-32770 Unassigned 32771 Reserved 32772-2147483647 Unassigned 0-29 IESG Approval or Standards Action 30 Reserved Standards Action to updates or obsoletes [RFC5021] 0 Krb5 over TLS 1-29 Unassigned 30 Reserved Expert Review The designated expert may find that IETF Review is required. See for more information. 1 PA-TGS-REQ 2 PA-ENC-TIMESTAMP 3 PA-PW-SALT 4 reserved 5 PA-ENC-UNIX-TIME (deprecated) 6 PA-SANDIA-SECUREID 7 PA-SESAME 8 PA-OSF-DCE 9 PA-CYBERSAFE-SECUREID 10 PA-AFS3-SALT 11 PA-ETYPE-INFO 12 PA-SAM-CHALLENGE 13 PA-SAM-RESPONSE 14 PA-PK-AS-REQ_OLD 15 PA-PK-AS-REP_OLD 16 PA-PK-AS-REQ 17 PA-PK-AS-REP 18 PA-PK-OCSP-RESPONSE 19 PA-ETYPE-INFO2 20 PA-USE-SPECIFIED-KVNO 20 PA-SVR-REFERRAL-INFO 21 PA-SAM-REDIRECT 22 PA-GET-FROM-TYPED-DATA (embedded in typed data) 22 TD-PADATA (embeds padata) 23 PA-SAM-ETYPE-INFO (sam/otp) 24 PA-ALT-PRINC 25 PA-SERVER-REFERRAL 26-29 Unassigned 30 PA-SAM-CHALLENGE2 31 PA-SAM-RESPONSE2 32-40 Unassigned 41 PA-EXTRA-TGT Reserved extra TGT 42-100 Unassigned 101 TD-PKINIT-CMS-CERTIFICATES 102 TD-KRB-PRINCIPAL PrincipalName 103 TD-KRB-REALM Realm 104 TD-TRUSTED-CERTIFIERS 105 TD-CERTIFICATE-INDEX 106 TD-APP-DEFINED-ERROR Application specific 107 TD-REQ-NONCE INTEGER 108 TD-REQ-SEQ INTEGER 109 TD_DH_PARAMETERS 110 Unassigned 111 TD-CMS-DIGEST-ALGORITHMS 112 TD-CERT-DIGEST-ALGORITHMS 113-127 Unassigned 128 PA-PAC-REQUEST MSKILE 129 PA-FOR_USER MSKILE 130 PA-FOR-X509-USER MSKILE 131 PA-FOR-CHECK_DUPS MSKILE 132 PA-AS-CHECKSUM MSKILE 133 PA-FX-COOKIE 134 PA-AUTHENTICATION-SET 135 PA-AUTH-SET-SELECTED 136 PA-FX-FAST 137 PA-FX-ERROR 138 PA-ENCRYPTED-CHALLENGE 139-140 Unassigned 141 PA-OTP-CHALLENGE 142 PA-OTP-REQUEST 143 PA-OTP-CONFIRM (OBSOLETED) 144 PA-OTP-PIN-CHANGE 145 PA-EPAK-AS-REQ (sshock@gmail.com) 146 PA-EPAK-AS-REP (sshock@gmail.com) 147 PA_PKINIT_KX 148 PA_PKU2U_NAME 149-164 Unassigned 165 PA-SUPPORTED-ETYPES MSKILE 166 PA-EXTENDED_ERROR MSKILE Standards Action 0 Reserved Reserved 1 FX_FAST_ARMOR_AP_REQUEST Ticket armor using an ap-req. Standards Action 0 RESERVED Reserved for future expansion of this field. 1 hide-client-names Requesting the KDC to hide client names in the KDC response 16 kdc-follow-referrals reserved Specification Required anonymous Specification Required anonymous