Re: PKINIT with PA-PK-AS-REQ_OLD fails with ASN1_CHECK_TLEN:wrong tag

2017-02-02 Thread Jacques Henry
> 1. The old draft9 support isn't intended to be used as a wrong-PIN
> fallback; it is only there for interoperability with old PKINIT
> implementations. It might be time to remove that support, since Windows
> Server 2003 hit the end of its extended support life in 2015.

When talking to the

Re: PKINIT with PA-PK-AS-REQ_OLD fails with ASN1_CHECK_TLEN:wrong tag

2017-02-02 Thread Greg Hudson
On 02/02/2017 06:04 AM, Jacques Henry wrote:
> When talking to the draft9 are you referring to this?
> https://tools.ietf.org/html/draft-ietf-cat-kerberos-pk-init-09

Yes. Microsoft implemented this version of PKINIT and shipped it in Windows 2000, Windows XP, and Server 2003. Later versions of W