> You mentioned two security protocols above - well they have proven to be > vulnerable. > > http://search.cert.org/query.html?col=allcert&col=certadv&col=incnotes&col=research&col=secimp&col=techtips&col=trandedu&col=vulnotes&ht=0&qp=&qt=KDC&qs=&qc=&pw=100%25&ws=1&la=en&qm=0&st=1&nh=25&lk=1&rf=2&rq=0&si=1 > http://search.cert.org/query.html?rq=0&ht=0&qp=&qs=&qc=&pw=100%25&ws=1&la=&qm=0&st=1&nh=25&lk=1&rf=2&oq=&rq=0&si=1&col=allcert&col=trandedu&col=vulnotes&col=techtips&col=research&col=certadv&col=incnotes&col=secimp&qt=kerberos It was the implementation that was vulnerable, not the protocol. Jan