Kerberos Cryptosystem Negotiation Extension
RFC 4537

Note: This ballot was opened for revision 04 and is now closed.

(Sam Hartman) Yes

(Brian Carpenter) No Objection

Comment (2006-01-30)
No email
send info
KDC should be defined where first used (line 1 of the Introduction).

At the end of section 3:
   The server MAY ignore the preference order indicated by the client.
   The policy by which the client or the server chooses an enctype
   (i.e., how the preference order for the supported enctypes is
   selected) is a local matter.

Would it be useful to observe that this would actually allow
a local decision to prefer weaker security than chosen by the KDC?

(Bill Fenner) No Objection

(Ted Hardie) No Objection

(Scott Hollenbeck) No Objection

(Russ Housley) No Objection

Comment (2006-01-30)
No email
send info
  In the Abstract:
  s/Kerberos protocol/Kerberos protocol as defined in RFC 4120/

(David Kessens) No Objection

(Bert Wijnen) No Objection

(Alex Zinin) No Objection