AD domain signing policies

What specific AD policies will enable signed communications that will prevent Tiger clients with the AD Plugin from being able to communicate with domain controllers? I'm already aware of the SMB signing issues that are related to file servers. Are there other specific signing policies that could create a problem for Mac clients? We are looking at increased security within our domain level and discussing which GPOs we can safely apply to various kinds of clients (Mac vs. Windows, client vs. server vs. domain controller, laptop vs. desktop ... all permutations are in play). Thanks!