[kitten] Last Call: <draft-ietf-kitten-cammac-04.txt> (Kerberos Authorization Data Container Authenticated by Multiple MACs) to Proposed Standard
The IESG has received a request from the Common Authentication Technology
Next Generation WG (kitten) to consider the following document:
- 'Kerberos Authorization Data Container Authenticated by Multiple MACs'
<draft-ietf-kitten-cammac-04.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
[hidden email] mailing lists by 2015-12-04. Exceptionally, comments may be
sent to [hidden email] instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.
This document specifies a Kerberos Authorization Data container that
supersedes AD-KDC-ISSUED. It allows for multiple Message
Authentication Codes (MACs) or signatures to authenticate the
contained Authorization Data elements. The multiple MACs are needed
to mitigate shortcomings in the existing AD-KDC-ISSUED container.
This document updates RFC 4120.