>BTW, the whole concept of absolute security strength factors is broken. I am not disagreeing with you ... but it still sucks that GSSAPI has no way of getting out the type of crypto that it is using for a security layer, if for no other reason than to have an application log it (if it was available, I would log it). --Ken