16.10 - Message Encryption for Kerberos Authentication - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

For users authenticated by Kerberos (KRB5 or SPNEGO mechanism) who enable message encryption, the system uses the encryption method automatically negotiated by Kerberos, and in accordance with Internet Engineering Task Force (IETF) RFC 4121 Kerberos Version 5 Generic Security Service Application Program Interface (GSS-API).

For details on determining the encryption method when using Kerberos, see RFC 3961 and RFC 4121. The mechanism QOP is ignored.