Review of http://k5wiki.kerberos.org/wiki/Projects/RFC_4537 concluding January 10 2009

[Sam Hartman]

   RFC 4537 defines an encryption type negotiation extension to Kerberos. This option
      allows clients and servers to use a stronger or faster bulk encryption mechanism even if
         the KDC does not support it. The client indicates a set of supported encryption types in
            the ap-req. If the server chooses one of these encryption types then it proposes a
               subkey in the ap-rep with an encryption type different than that selected by the client.
               


--Sam