A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Kerberos Working Group of the IETF.
Title : Deprecate DES, "export strength" RC4, and other weak cryptographic algorithms in Kerberos
Author(s) : Love Hornquist Astrand
Tom Yu
Filename : draft-ietf-krb-wg-des-die-die-die-03.txt
Pages : 7
Date : 2012-02-16
The Kerberos 5 network authentication protocol, originally specified
in RFC1510, can use the Data Encryption Standard (DES) for
encryption. Almost 30 years after first publishing DES, the National
Institute of Standards and Technology (NIST) finally withdrew the
standard in 2005, reflecting a long-established consensus that DES is
insufficiently secure. By 2008, commercial hardware costing less
than USD 15,000 could break DES keys in less than a day on average.
DES is long past its sell-by date. Accordingly, this document
updates RFC1964, RFC4120, RFC4121, and RFC4757 to deprecate the use
of DES, "export strength" RC4, and other weak cryptographic
algorithms in Kerberos. Because RFC1510 (obsoleted by RFC4120)
supports only DES, this document reclassifies RFC1510 as Historic.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-des-die-die-die-03.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-krb-wg-des-die-die-die-03.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
