Deprecate DES, RC4-HMAC-EXP, and Other Weak Cryptographic Algorithms in Kerberos
RFC 6649

Note: This ballot was opened for revision 04 and is now closed.

(Stephen Farrell) Yes

(Brian Haberman) Yes

Comment (2012-04-17)
No email
send info
I am glad to see this draft and it is well-written.

I am curious as to why the recommendation is limited to SHOULD NOTs and not MUSTs.  Are there reasons to allow this wiggle room?  If so, it would be good to give an example in the draft.

(Sean Turner) Yes

Comment (2012-04-17)
No email
send info
Finally!

(Ron Bonica) No Objection

(Stewart Bryant) No Objection

(Benoît Claise) No Objection

(Wesley Eddy) No Objection

(Adrian Farrel) (was Discuss) No Objection

Comment (2012-04-26)
No email
send info
I cleared my Discuss after a conversation with the AD and WG chair on the understanding that they will close the loop with the WG on whether the code points in any IANA registries should be deprecated.

(Russ Housley) No Objection

Barry Leiba No Objection

(Pete Resnick) (was Discuss) No Objection

(Robert Sparks) No Objection

Comment (2012-04-24)
No email
send info
Like Pete, I don't understand why this should be published as a BCP (I support that portion of his DISCUSS).

(Martin Stiemerling) No Objection

Comment (2012-04-22)
No email
send info
This draft does not update RFC 1510 but aims to obsolete it , i.e. the header of the draft is not correct:
"Updates: 1510, 1964, 4120, 4121, 4757"

However, Pete's discuss covers this already.