Kerberos (krb-wg) ----------------- Charter Last Modified: 2009-01-12 Current Status: Active Working Group Chair(s): Jeffrey Hutzelman Larry Zhu Security Area Director(s): Tim Polk Pasi Eronen Security Area Advisor: Tim Polk Mailing Lists: General Discussion:ietf-krb-wg@lists.anl.gov To Subscribe: https://lists.anl.gov/mailman/listinfo/ietf-krb-wg Archive: https://lists.anl.gov/pipermail/ietf-krb-wg/ Description of Working Group: No description available Goals and Milestones: Done First meeting Done Submit the Kerberos Extensions document to the IESG for consideration as a Proposed standard. Done Complete first draft of Pre-auth Framework Done Complete first draft of Extensions Done Submit K5-GSS-V2 document to IESG for consideration as a Proposed Standard Done Last Call on OCSP for PKINIT Done Consensus on direction for Change/Set password Done PKINIT to IESG Done Enctype Negotiation to IESG Done Last Call on PKINIT ECC Done TCP Extensibility to IESG Done ECC for PKINIT to IESG Done Naming Constraints to IESG Done Anonymity to IESG Sep 2007 WGLC on preauth framework Done WGLC on OTP Done WGLC on data model Done WGLC on cross-realm issues Jan 2008 WGLC on Referrals Dec 2008 Set/Change Password to IESG Dec 2008 Hash agility for GSS-KRB5 to IESG Dec 2008 Hash agility for PKINIT to IESG Dec 2008 Anonymity back to IESG Done WGLC on IAKERB Jan 2009 WGLC on STARTTLS Feb 2009 Data Model to IESG Feb 2009 OTP to IESG Internet-Drafts: Posted Revised I-D Title ------ ------- -------------------------------------------- Feb 2004 Aug 2009 A Generalized Framework for Kerberos Pre-Authentication Nov 2004 Jul 2009 Using Kerberos V5 over the Transport Layer Security (TLS) protocol Oct 2007 Jul 2009 Problem statement on the cross-realm operation of Kerberos Oct 2007 Apr 2009 OTP Pre-authentication Oct 2007 Jul 2009 Initial and Pass Through Authentication Using Kerberos V5 and the GSS- API (IAKERB) Dec 2007 Jul 2009 An information model for Kerberos version 5 Request For Comments: RFC Stat Published Title ------- -- ----------- ------------------------------------ RFC3962Standard Feb 2005 AES Encryption for Kerberos 5 RFC3961Standard Feb 2005 Encryption and Checksum Specifications for Kerberos 5 RFC4120Standard Jul 2005 The Kerberos Network Authentication Service (V5) RFC4121Standard Jul 2005 The Kerberos Version 5 Generic Security Service Application Program Interface (GSS-API) Mechanism: Version 2 RFC4537 PS Jun 2006 Kerberos Cryptosystem Negotiation Extension RFC4557 PS Jun 2006 Online Certificate Status Protocol (OCSP) Support for Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) RFC4556 PS Jun 2006 Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) RFC5021 PS Aug 2007 Extended Kerberos Version 5 Key Distribution Center (KDC) Exchanges Over TCP RFC5349 I Sep 2008 Elliptic Curve Cryptography (ECC) Support for Public Key Cryptography for Initial Authentication in Kerberos (PKINIT)