This document defines a new pre-authentication mechanism for the Kerberos protocol. The mechanism uses a password-authenticated key