Protocol Action: 'Kerberos Authorization Data Container Authenticated by Multiple MACs' to Proposed Standard (draft-ietf-kitten-cammac-01.txt)
The IESG <iesg-secretary@ietf.org> Tue, 13 January 2015 01:33 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A54CC1A8832; Mon, 12 Jan 2015 17:33:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ccb9VdRA7aa1; Mon, 12 Jan 2015 17:33:19 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E69E1A898F; Mon, 12 Jan 2015 17:33:13 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Kerberos Authorization Data Container Authenticated by Multiple MACs' to Proposed Standard (draft-ietf-kitten-cammac-01.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 5.10.0.p8
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150113013313.17312.35831.idtracker@ietfa.amsl.com>
Date: Mon, 12 Jan 2015 17:33:13 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/Tr96Nt7uP4a6rQMM9MSkyyIsRrY>
Cc: kitten mailing list <kitten@ietf.org>, kitten chair <kitten-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jan 2015 01:33:21 -0000
The IESG has approved the following document: - 'Kerberos Authorization Data Container Authenticated by Multiple MACs' (draft-ietf-kitten-cammac-01.txt) as Proposed Standard This document is the product of the Common Authentication Technology Next Generation Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-kitten-cammac/ Technical Summary This document specifies a Kerberos Authorization Data container that supersedes AD-KDC-ISSUED. It allows for multiple Message Authentication Codes (MACs) or signatures to authenticate the contained Authorization Data elements. This document updates RFC 4120. Working Group Summary The review process for this document was quite spread out in time, with action occurring in occasional bursts. Almost all of the Kerberos experts who regularly participate in the WG have contributed to reviewing this document at some point in its history, but not necessarily all at the same time. There was a lot of discussion around the time of the initial few revisions, but then a lull in activity. Version -05 got a lot of review comments, which resulted in some (substantive, but relatively minor) changes to the specification. It was unclear what level of review those changes had received, after essentially no comments were received during a WGLC period for the -08, so we solicited further comments at that time, and got thorough review from two Kerberos experts, which the shepherd believes is sufficient. These post-WGLC reviews were largely editorial, but there were four issues of substance that were raised, two of which received heavy discussion. Document Quality There are not currently any implementations, but Red Hat and MIT plan to collaborate to produce an implementation. MIT has a partial implementation of an en/decoder for the ASN.1 types. Personnel The document shepherd is Benjamin Kaduk. The irresponsible Area Director is Stephen Farrell.