A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Kerberos Working Group of the IETF.
Title : Deprecate DES support for Kerberos
Author(s) : Love Hornquist Astrand
Tom Yu
Filename : draft-ietf-krb-wg-des-die-die-die-00.txt
Pages : 14
Date : 2012-02-03
The Kerberos 5 network authentication protocol originally used the
Data Encryption Standard (DES) for encryption. Almost 30 years it
introduced the first DES standard, the National Institute of
Standards and Technology (NIST) finally withdrew the DES standard in
2005, reflecting a long-established consensus that DES no longer
provides adequate security. In 2006, it cost less than EUR 10,000 to
build a machine to brute force DES keys in an average of 8.7 days.
By 2008, it was possible to buy commercial hardware that breaks DES
keys in less than a day on average. DES is long past its sell-by
date. Accordingly, this document updates RFC1964, RFC4120, and
RFC4121 to deprecate the use of DES in Kerberos. Because the
original Kerberos 5 specification, RFC1510 (obsoleted by RFC 4120),
supports only DES, this document also reclassifies RFC1510 as
Historic.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-des-die-die-die-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-krb-wg-des-die-die-die-00.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
