I'll add that it's really shocking that we don't yet have PKCROSS. Lack of PKCROSS greatly hurts Kerberos' scalability. Also, Kerberos w/ PKCROSS is much closer to something like what PKI should have been: short-lived credentials, no need for revocation protocols (CRLs, OCSP).

Nico
--