[kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

Internet-Drafts

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Common Authentication Technology Next Generation of the IETF.

        Title           : Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension
        Authors         : Michiko Short
                          Seth Moore
                          Paul Miller
        Filename        : draft-ietf-kitten-pkinit-freshness-04.txt
        Pages           : 8
        Date            : 2016-03-21

Abstract:
   This document describes how to further extend the Public Key
   Cryptography for Initial Authentication in Kerberos (PKINIT)
   extension [RFC4556] to exchange an opaque data blob that a KDC can
   validate to ensure that the client is currently in possession of the
   private key during a PKINIT AS exchange.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-kitten-pkinit-freshness/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-kitten-pkinit-freshness-04

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-pkinit-freshness-04


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
Kitten mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/kitten
Reply | Threaded
Open this post in threaded view
|

Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

Greg Hudson
In section 2.4, I think the cross-reference for KDC_ERR_PREAUTH_FAILED
should be RFC 4120; although RFC 6113 elaborates on its use, the initial
definition is still in 4120.

Other than that small editorial issue, my two comments to -03 are addressed.

_______________________________________________
Kitten mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/kitten
Reply | Threaded
Open this post in threaded view
|

Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

Seth Moore
Thanks, Greg.

I think the RFC reference mix up was due to 6113 discussing retry (Section 2). The actual error is, indeed, defined in 4120  (7.5.9).

Cheers,
Seth

-----Original Message-----
From: Kitten [mailto:[hidden email]] On Behalf Of Greg Hudson
Sent: Monday, March 21, 2016 10:57 AM
To: [hidden email]
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

In section 2.4, I think the cross-reference for KDC_ERR_PREAUTH_FAILED should be RFC 4120; although RFC 6113 elaborates on its use, the initial definition is still in 4120.

Other than that small editorial issue, my two comments to -03 are addressed.

_______________________________________________
Kitten mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/kitten

_______________________________________________
Kitten mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/kitten
Reply | Threaded
Open this post in threaded view
|

Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

Michiko Short
Published version 5 with that fix.

-----Original Message-----
From: Kitten [mailto:[hidden email]] On Behalf Of Seth Moore
Sent: Monday, March 21, 2016 1:20 PM
To: Greg Hudson <[hidden email]>; [hidden email]
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

Thanks, Greg.

I think the RFC reference mix up was due to 6113 discussing retry (Section 2). The actual error is, indeed, defined in 4120  (7.5.9).

Cheers,
Seth

-----Original Message-----
From: Kitten [mailto:[hidden email]] On Behalf Of Greg Hudson
Sent: Monday, March 21, 2016 10:57 AM
To: [hidden email]
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

In section 2.4, I think the cross-reference for KDC_ERR_PREAUTH_FAILED should be RFC 4120; although RFC 6113 elaborates on its use, the initial definition is still in 4120.

Other than that small editorial issue, my two comments to -03 are addressed.

_______________________________________________
Kitten mailing list
[hidden email]
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.ietf.org%2fmailman%2flistinfo%2fkitten&data=01%7c01%7cmichikos%40microsoft.com%7cb5e550e620d143d7a9cb08d351c638cd%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=AhUkMRzx8gVSJ8k%2f9ctr7%2bA6H329ksir3B%2bl9vFOGbA%3d

_______________________________________________
Kitten mailing list
[hidden email]
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.ietf.org%2fmailman%2flistinfo%2fkitten&data=01%7c01%7cmichikos%40microsoft.com%7cb5e550e620d143d7a9cb08d351c638cd%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=AhUkMRzx8gVSJ8k%2f9ctr7%2bA6H329ksir3B%2bl9vFOGbA%3d

_______________________________________________
Kitten mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/kitten