A long long time ago DES was standardized (1973, before I was born).
Some 30 years later (2003) is was withdrawn as a standard by NIST,
today 5 years later, its time for DES to finally die. Last year you
could brute force DES in 6.4 days by buying a machine for $10000. So
last year was the time for you to migrate to better encryption types
for your Kerberos realm.
If you really are in love with DES and can't stand to be without it,
now its the time to add "[libdefaults] allow_weak_crypto = true"to
your configuration file so that your love wont die when you upgrade
next time. If you want to check your configuration, the code is
already commited to trunk in the source repro.
Application that will stop working are old Kerberos 4 tools and telnet/
Heimdal-1.3 will deprecate DES
PS there is an exception for AFS to allow it still to use DES
PSS Heimdal-1.3 will deprecate DES