The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows
RFC 4757

Note: This ballot was opened for revision 03 and is now closed.

(Sam Hartman) (was Discuss, Yes) Yes

(Jari Arkko) No Objection

Comment (2006-09-14)
No email
send info
Like Cullen, I am concerned about the export control
statements. We know for a fact that strong crypto
is exportable, just look at what a random U.S. based
security product vendor sells elsewhere in the world;
of course its possible that there are conditions 
relating to the type of product or how its delivered,
what country we are talking about etc. But it serves 
the IETF no good to make make broad statements
like this in RFCs, someone may actually believe
them and not use the best possible crypto. Please
remove or qualify.

(Ross Callon) No Objection

(Lisa Dusseault) No Objection

(Lars Eggert) No Objection

(Russ Housley) (was Discuss) No Objection

Comment (2006-09-14)
No email
send info
  I am also concerned about the "export language" raised by others, but
  I see no reason to "pile on" another DISCUSS on that point.  I'm sure
  it will be fixed.

  In several places, SGN_ALG contains an integrity algorithm indicator.
  And the document says that "11 00 - HMAC".  I hope that this means
  HMAC-MD5 and that HMAC-SHA1 might be used in the future with a value
  other than "11 00."

(Cullen Jennings) No Objection

Comment (2006-09-12)
No email
send info
Document says that "3DES is not available" for export. Is this really right? Could it be made a little more precise.

(David Kessens) No Objection

(Dan Romascanu) No Objection

Magnus Westerlund No Objection