[draft] End of Support For Kerberos 4

Matt Crawford crawdad at fnal.gov
Fri Aug 20 17:05:27 EDT 2004

Three comments (two substantive, one stylistic).

> Affording the equipment necessary
> to break DES encryption is within the means of many companies and all
> major governments.

Could you raise the voltage on the DES warning, for those who don't 
consider companies and governments to be part of their thread model?  
More urgent, yet just as true:

"... within the means of some individuals, many companies, and all 
major governments."

The usage nit - "As such" doesn't work below, because there's no answer 
to the question "as what?"

> As such, DES cannot be considered secure for any long-term keys,

I suggest "Consequently, DES cannot be considered secure ..."

> We wish you all the best of luck in your migration to Kerberos 5 and
> hope you enjoy the flexibility and power of the new protocol.

"new protocol" sells short the maturity of Kerberos 5.  How about 
"newer protocol"?

More information about the krbdev mailing list