Bugzilla – Bug 5768
Reconfiguration of Cipher Suite
Last modified: 2008-08-11 15:20:04
Dear Developers, I have a problem in Globus: I could not find any place to reset the cipher suite from the default 3DES 168-bit to another cipher such as RSA+AES 256-bit. Do you have any idea? Thanks
This is currently not possible with the toolkit. I've put an experimental patch to GSSAPI from the trunk that enables this via an environment variable at http://www-unix.mcs.anl.gov/~bester/patches/bug5768.diff but that functionality is not something currently planned for either 4.0.x or 4.2.

On the other hand, 4.2 will include support for newer OpenSSL versions and better TLS1 support, so the AES256 cipher will be available by default if TLS1 is used.

Joe
(In reply to comment #1)
> This is currently not possible with the toolkit. I've put an experimental patch
> to GSSAPI from the trunk that enables this via an environment variable at
> http://www-unix.mcs.anl.gov/~bester/patches/bug5768.diff but that functionality
> is not something currently planned for either 4.0.x or 4.2.
>
> On the other hand, 4.2 will include support for newer openssl versions and
> better TLS1 support, so the AES256 cipher will be available by default if TLS1
> is used.
>
> Joe
>

Dear Joe,

I modified globus_i_gsi_gss_utils.c by adding the lines of code with getenv "GLOBUS_SSL_CIPHERS" that you gave, and built it. It seemingly doesn't work, and there are no changes. My question is: how do we set the GLOBUS_SSL_CIPHERS environment variable inside Globus? Is it by using " export GLOBUS_SSL_CIPHERS='ALL:!DES-CBC3-SHA' " under Linux, or some other way? I did it the above way, but it still doesn't work. I tested which cipher the Globus container uses by running " openssl s_client -connect gserverx.mimos.my:8443 ". At this stage, I am still unclear how this encryption happens in Globus and how to change it to different ciphers.

I would appreciate it if you could send this message to other developers who can also give their ideas. Thanks Joe.

Regards,
Nazri
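
An added example, not part of the bug thread or of the Globus code: a Python check of what an OpenSSL cipher-list string such as the one quoted above expands to on the local OpenSSL build. It assumes GLOBUS_SSL_CIPHERS carries an OpenSSL cipher-list string and uses Python's ssl module as a stand-in for the GSSAPI library; the function names are hypothetical.

```python
import os
import ssl

ENV_VAR = "GLOBUS_SSL_CIPHERS"  # variable name quoted in the thread


def expand(cipher_string):
    """Cipher suite names the local OpenSSL build enables for cipher_string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if no suite matches
    return [c["name"] for c in ctx.get_ciphers()]


def audit(environ=None):
    """Report what the cipher string found in environ would enable."""
    environ = os.environ if environ is None else environ
    value = environ.get(ENV_VAR)
    if not value:
        # The variable is not present in this process's environment.
        return {"status": "unset", "triple_des": None, "aes256": None}
    try:
        names = expand(value)
    except ssl.SSLError:
        return {"status": "invalid", "triple_des": None, "aes256": None}
    return {
        "status": "ok",
        # "!DES-CBC3-SHA" removes one suite; other 3DES suites can remain.
        "triple_des": [n for n in names if "DES-CBC3" in n or "3DES" in n],
        "aes256": [n for n in names if "AES256" in n or "AES_256" in n],
    }


if __name__ == "__main__":
    # Constructed sample values; the first is the string from the thread.
    for sample in ("ALL:!DES-CBC3-SHA", "ALL:!3DES", "AES256-SHA"):
        result = audit({ENV_VAR: sample})
        print(sample, result["status"], result["triple_des"],
              len(result["aes256"] or []))
    print("current environment:", audit()["status"])
```

A variable read with getenv is visible to a process only if it was exported in the environment that process was started from, so the "unset" result is the first thing to rule out when a cipher setting appears to have no effect.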