A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : SPAKE Pre-Authentication
Author : Nathaniel McCallum
Filename : draft-mccallum-kitten-krb-spake-preauth-00.txt
Pages : 11
Date : 2015-04-24
Abstract:
This document defines a new password authenticated key exchange based
pre-authentication mechanism for performing Kerberos authentication.
This mechanism has three goals. First, it makes Kerberos pre-
authentication more resilient against time synchronization errors by
removing the need to transfer an encrypted timestamp. Second, it
increases the security of the Kerberos pre-authentication exchange by
making offline brute-force attacks impossible. Third, it enables the
use of secure second factor authentication without FAST by utilizing
the existing trust relationship established by the shared first
factor.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-mccallum-kitten-krb-spake-preauth/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-mccallum-kitten-krb-spake-preauth-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
