We chose to create the host/solsarpc2.in.ibm.com service principal with a triple DES encryption type, as AIX and Solaris Kerberos support it.

Ensure that a sufficiently robust encryption algorithm, such as triple DES or AES, is used to encrypt all confidential information stored on the system.

The accompanying source code USES XML encryption that only recognizes the triple-DES algorithm, hence I create the key with that algorithm.