Public Key Cryptography for Initial Authentication in Kerberos (PKINIT)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, krb-wg mailing list <firstname.lastname@example.org>, krb-wg chair <email@example.com> Subject: Protocol Action: 'Public Key Cryptography for Initial Authentication in Kerberos' to Proposed Standard The IESG has approved the following documents: - 'Public Key Cryptography for Initial Authentication in Kerberos ' <draft-ietf-cat-kerberos-pk-init-35.txt> as a Proposed Standard - 'OCSP Support for PKINIT ' <draft-ietf-krb-wg-ocsp-for-pkinit-07.txt> as a Proposed Standard These documents are products of the Kerberos Working Group. The IESG contact persons are Sam Hartman and Tim Polk. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-init-35.txt
Technical Summary This document describes protocol extensions (hereafter called PKINIT) to the Kerberos protocol specification. These extensions provide a method for integrating public key cryptography into the initial authentication exchange, by using asymmetric-key signature and/or encryption algorithms in pre-authentication data fields. A companion document describes the use of OCSP with this protocol. Working Group Summary This document is the result of work begun nearly 10 years ago in the CAT working group. In that time the two working groups have focused much of their energy on this work, resulting in quite a lot of discussion, some heated debate, and a few compromises. Due to timing constraints, one significant stakeholder was forced to adopt and deploy an early version of this specification, rather than waiting for the final product. While we regret being unable to meet their timeline, much of the intervening time was well-spent, and we think the protocol is significantly improved as a result. This document represents the consensus of the Kerberos Working Group. Protocol Quality Several major Kerberos implementors have indicated an intent to implement this protocol; some have done so already. While the current version has not yet been widely deployed, significant experience has been gained by wide deployment of earlier versions of this protocol. This protocol was reviewed by Jeffrey Hutzelman and Sam Hartman. Note to RFC Editor Please make the following changes in draft-ietf-cat-kerberos-pk-init: In section 1: OLD: The corner-stone of Kerberos V5 is the Ticket and the Authenticator. NEW: The corner-stones of Kerberos V5 are the Ticket and the Authenticator. In section 3.1.3: OLD: All structures defined in or imported into this document MUST be encoded using Distinguished Encoding Rules (DER) [X680] [X690] (unless otherwise noted). All data structures carried in OCTET STRINGs must be encoded according to the rules specified in corresponding specifications. NEW: All structures defined in or imported into this document MUST be encoded using Distinguished Encoding Rules (DER) [X680] [X690] (unless otherwise noted). All data structures carried in OCTET STRINGs MUST be encoded according to the rules specified in the specifications defining each data structure; a reference to the appropriate specification is provided for each data structure. In section 4: OLD: In addition, if any CA is trusted to issue KDC certificates can NEW: In addition, if any CA that is trusted to issue KDC certificates can Add at the end of section 4: NEW: The key usage number 6 used by the asChecksum field is also used for the authenticator checksum (cksum field of AP-REQ) contained in the PA-TGS-REQ preauthentication data contained in a TGS-REQ [RFC4120]. This conflict is present for historical reasons; the reuse of key usage numbers is strongly discouraged.