Gary said: > I don't think anyone suggest blocking non NTS servers, yet. I think we should be thinking about it. Seems like a good check-box for an auditor. It's what I had in mind with something like a "secure yes" option. (I included shared-key authentication as secure) -- These are my opinions. I hate spam.