Kerberos ([login to view URL]) and PKI (some codes for certificate authority could be downloaded from [login to view URL]) can all be used to generate session keys for secure communication. What are the pros and cons of each method? If you are the security officer of your company and want to set up a key distribution mechanism, which one would you choose to use?