Kerberos WG (krb-wg) Wednesday, August 08 at 1530-1730 ================================== CHAIR: Doug Engert AGENDA: Introduction Doug Engert - 5 min Kerberos revisions Cliff Neliff Neuman, Ken Rae draft-ietf-cat-kerberos-revisions-09.txt (not yet announced, but see http://www.isi.edu/people/bcn/krb-revisions/ ) The main objective of the working group is to move this draft forward to last call. There have been rewrites of new sections, and most of the referral and name canonicalization has been moved to a separate draft. This should allow us to get close to a WG last call. Channel Bindings, NAT and VPN What should be done in Kerberos, with the channel binding, now that they no longer reflect reality. Discussion on protecting the initial as-rep John Brezak Generating KDC Referrals to locate Kerberos realms John Brezak draft-ietf-krb-wg-kerberos-referrals-00.txt This renamed draft now contains most of the referral and name canonicalization. This will allow us to discuss the merits without holding up the Revisions. AES and Kerberos Ken Raeburn draft-raeburn-krb-rijndael-krb-01.txt PKINIT Brian Tung draft-ietf-cat-kerberos-pk-init-14.txt We had started a last call, but there where some comments. A new revision of the draft has been posted. If all goes well, we can start WG last call after the meeting. KDC LDAP schema Donna Skibbie skibbie-krb-kdc-ldap-schema-01.txt This is an update on the work being done. The draft just missed the cutoff. Passwordless Initial Authentication to Kerberos by Hardware Preauthentication Matt Crawford draft-ietf-krb-wg-hw-auth-00.txt New draft. DESCRIPTION: The prime goal of the working group is to get Kerberos Revisions to last call, as most of the other documents depend on this. I would like to ask all working group members to read at least the Revisions before the meeting.