PKINIT

[Sam Hartman]

This post, more than most is my individual opinion, and is certainly
not the opinion of MIT or the MIT Kerberos team.


>>>>> "Tim" == Tim Alsop <Tim.Alsop at CyberSafe.Ltd.UK> writes:

    Tim> The CyberSafe TrustBroker products have PKINIT (draft 5)
    Tim> support and we are currently in the process of developing
    Tim> draft 16 (from RFC1510bis) into our KDC. 
Please, before adopting anything from draft 16, make sure that the
working group hasn't already developed a consensus to do something
different.  CyberSafe has a long tradition of picking the worst parts
of ongoing work both from the MIT release and if memory serves from
IETF drafts, implementing them and then causing everyone to regret the
result.  The biggest example is of course 3des-cbc-md5, although there
have certainly been others.

It would be great to see CyberSafe work closer with the rest of the
Kerberos community rather than be a thorn in its side.


--Sam