A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Kerberos Working Group of the IETF.
Title : A Generalized Framework for Kerberos Pre-Authentication
Author(s) : S. Hartman, L. Zhu
Filename : draft-ietf-krb-wg-preauth-framework-13.txt
Pages : 50
Date : 2009-07-30
Kerberos is a protocol for verifying the identity of principals
(e.g., a workstation user or a network server) on an open network.
The Kerberos protocol provides a mechanism called pre-authentication
for proving the identity of a principal and for better protecting the
long-term secrets of the principal.
This document describes a model for Kerberos pre-authentication
mechanisms. The model describes what state in the Kerberos request a
pre-authentication mechanism is likely to change. It also describes
how multiple pre-authentication mechanisms used in the same request
will interact.
This document also provides common tools needed by multiple pre-
authentication mechanisms. One of these tools is a secure channel
between the client and the KDC with a reply key strengthening
mechanism; this secure channel can be used to protect the
authentication exchange thus eliminate offline dictionary attacks.
With these tools, it is relatively straightforward to chain multiple
authentication mechanisms, utilize a different key management system,
or support a new key agreement algorithm.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-preauth-framework-13.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-krb-wg-preauth-framework-13.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt