Protocol Action: Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) to Proposed Standard
The IESG <iesg-secretary@ietf.org> Thu, 16 September 1999 11:33 UTC
Received: from loki.ietf.org (loki [10.27.2.29]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA09647; Thu, 16 Sep 1999 07:33:34 -0400 (EDT)
Received: (from adm@localhost) by loki.ietf.org (8.9.1b+Sun/8.9.1) id HAA25075 for ietf-123-outbound.10@ietf.org; Thu, 16 Sep 1999 07:25:01 -0400 (EDT)
Received: from ietf.org (odin.ietf.org [10.27.2.28]) by loki.ietf.org (8.9.1b+Sun/8.9.1) with ESMTP id HAA24925 for <all-ietf@loki.ietf.org>; Thu, 16 Sep 1999 07:00:15 -0400 (EDT)
Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA08818; Thu, 16 Sep 1999 07:00:15 -0400 (EDT)
Message-Id: <199909161100.HAA08818@ietf.org>
To: IETF-Announce:;
Cc: RFC Editor <rfc-editor@isi.edu>
Cc: Internet Architecture Board <iab@isi.edu>
Cc: ietf-tls@consensus.com
From: The IESG <iesg-secretary@ietf.org>
Subject: Protocol Action: Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) to Proposed Standard
Date: Thu, 16 Sep 1999 07:00:15 -0400
Sender: scoya@cnri.reston.va.us
The IESG has approved the Internet-Draft 'Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)' <draft-ietf-tls-kerb-cipher-suites-04.txt> as a Proposed Standard. This document is the product of the Transport Layer Security Working Group. The IESG contact persons are Jeffrey Schiller and Marcus Leech. Technical Summary This document defines how to user Kerberos credentials in a TLS environment. Kerberos is used to obtain mutual authentication and to establish the TLS "master secret" which is then used to provide integrity and confidentiality protection for the TLS session. Working Group Summary The working group reached consensus on this proposal Protocol Quality Jeffrey I. Schiller reviewed this document for the IESG. Note to RFC Editor: Please include the following text as an IESG Note: The 40-bit ciphersuites defined in this memo are included only for the purpose of documenting the fact that those ciphersuite codes have already been assigned. 40-bit ciphersuites were designed to comply with US-centric, and now obsolete, export restrictions. They were never secure, and nowadays are inadequate even for casual applications. Implementation and use of the 40-bit ciphersuites defined in this document, and elsewhere, is strongly discouraged.