Incompatibility notes:
======================

Currently, all of the MIT implementations of the Kerberos protocol are
not fully compliant with the Kerberos RFC --- specifically, we do not
implement the DES w/ MD5 checksum which is required by the RFC.  This
includes the Beta 4 release, although I expect to have this fixed in a
patch release as soon as possible.  I believe that we can fix this with
minimal compatibility impacts; vendors contemplating shipment of this
code as product should wait for the patch release or contact us for
futher details.

MIT implementations release Beta 2 and earlier are buggy in that they
incorrectly generate the ASN.1 for a TGS request message.  This was
fixed in Beta 3, but the fix causes Beta 2 KDC's to be unable to
respond to Beta 3 and more recent versions due to a checksum error.
The Beta 3 KDC contains backwards compatibility code so that Beta 2
and earlier application programs can continue to work with a Beta 3
and more recent KDC.
