The IESG has approved the following document:
- 'A Pseudo-Random Function (PRF) for the Kerberos V Generic Security Service Application Program Interface (GSS-API) Mechanism'
  (draft-ietf-kitten-rfc4402bis-02.txt) as Proposed Standard

This document is the product of the Common Authentication Technology Next Generation Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-kitten-rfc4402bis/

Technical Summary

This document defines the Pseudo-Random Function (PRF) for the Kerberos V mechanism for the Generic Security Service Application Program Interface (GSS-API), based on the PRF defined for the Kerberos V cryptographic framework, for keying application protocols given an established Kerberos V GSS-API security context.

This document obsoletes RFC 4402 and reclassifies that document as historic. RFC 4402 starts the PRF+ counter at 1; however, a number of implementations start the counter at 0. As a result, the original specification would not be interoperable with existing implementations.

Working Group Summary

This document is necessary because implementors of RFC 4402 erred when implementing the PRF+ construct, starting the counter variable at zero instead of one. The error was present in multiple releases of a shipping implementation when a second implementor discovered the error in interoperability testing; that second implementor also started the counter variable at zero for compatibility. This document serves to update RFC 4402 and reflect the implementation reality that is deployed and functioning interoperably. It is being published as a Standards Track document to match RFC 4402, which it replaces, as is consistent with most work on Kerberos in the IETF.

Document Quality

There is strong consensus for this document, which only differs from RFC 4402 in the change of the initial value of the counter variable and the removal of an unneeded and confusing paragraph from the security considerations section. It also adds test vectors, which have been verified by two implementations (MIT and Heimdal Kerberos).

The WGLC period was part of a combined WGLC for three "bis" documents, over a period of four weeks. Most of the prominent WG contributors reviewed the document, and no substantive issues were found (though a couple of regressions from RFC 4402 were noted and fixed).

Personnel

Benjamin Kaduk is the document shepherd. Stephen Farrell is the responsible Area Director.
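
The counter mismatch described in the summaries above, as an added example that is not part of the IESG announcement or of any Kerberos implementation: it shows that two peers deriving application keys from the same context key disagree on every byte when one starts the PRF+ counter at 0 and the other at 1, and that the start-at-1 output is the start-at-0 output with its first block dropped. Assumptions: HMAC-SHA-256 stands in for the encryption type's pseudo-random function, the counter is a 32-bit big-endian value prepended to the PRF input, and the key, input and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

BLOCK = hashlib.sha256().digest_size  # output size of the stand-in PRF (32 bytes)


def stand_in_prf(key: bytes, data: bytes) -> bytes:
    """Assumption: HMAC-SHA-256 replaces the enctype-specific Kerberos PRF."""
    return hmac.new(key, data, hashlib.sha256).digest()


def prf_plus(key: bytes, prf_in: bytes, length: int, first_counter: int) -> bytes:
    """Concatenate PRF(key, counter || prf_in) blocks, then truncate to length."""
    out = b""
    counter = first_counter
    while len(out) < length:
        out += stand_in_prf(key, struct.pack(">I", counter) + prf_in)
        counter += 1
    return out[:length]


def compare_counter_starts(key: bytes, prf_in: bytes, length: int):
    """Return (outputs_match, one_is_zero_shifted_by_a_block)."""
    from_zero = prf_plus(key, prf_in, length, first_counter=0)
    from_one = prf_plus(key, prf_in, length, first_counter=1)
    # Dropping the first block of a longer start-at-0 stream gives the
    # start-at-1 stream: same blocks, misaligned by one position.
    shifted = prf_plus(key, prf_in, length + BLOCK, first_counter=0)[BLOCK:]
    return hmac.compare_digest(from_zero, from_one), from_one == shifted


if __name__ == "__main__":
    # Constructed sample values, not taken from the draft's test vectors.
    sample_key = bytes(range(32))
    sample_input = b"example application label"
    for want in (16, 48, 100):
        match, shifted = compare_counter_starts(sample_key, sample_input, want)
        print(f"{want:3d} bytes: peers agree={match}, shifted by one block={shifted}")
```

An interoperability test that compares derived output against published test vectors, as the two implementations named above did, catches this kind of off-by-one before deployment.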