On 04/02/2017 04:59 PM, krb at pallissard.net wrote: > Has MIT kerberos implemented pkinit with elliptic curve certs/keys? Some initial searching points me to an informational ietf RFC posted out there, but nothing official. We have not, although we would like to in principle. I believe Heimdal does; I'm not sure about Microsoft.