Protocol Action: 'A PRF API extension for the GSS-API' to Proposed Standard
The IESG <iesg-secretary@ietf.org> Mon, 05 December 2005 21:42 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1EjO61-0000U2-4r@newodin.ietf.org>
Date: Mon, 05 Dec 2005 16:42:05 -0500
Cc: kitten mailing list <kitten@ietf.org>, kitten chair <jaltman@columbia.edu>, Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'A PRF API extension for the GSS-API' to Proposed Standard

The IESG has approved the following documents:

- 'A PRF API extension for the GSS-API'
   <draft-ietf-kitten-gssapi-prf-07.txt> as a Proposed Standard
- 'A PRF for the Kerberos V GSS-API Mechanism'
   <draft-ietf-kitten-krb5-gssapi-prf-04.txt> as a Proposed Standard

These documents are products of the Kitten (GSS-API Next Generation) Working Group.

The IESG contact persons are Sam Hartman and Russ Housley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-kitten-gssapi-prf-07.txt

Technical Summary

These documents define a Pseudo-Random Function (PRF) extension to the Generic Security Service Application Programming Interface (GSS-API) for keying application protocols given an established GSS-API security context and provide an implementation of that extension for the Kerberos V mechanism. The primary intended use of this function is to key secure session layers that don't or cannot use GSS-API per-message MIC (message integrity check) and wrap tokens for session

Working Group Summary

The Kitten working group participants are solidly behind this document. There were two areas of contention during its development.

First, representatives of the Samba team desired that the PRF be designed to be compatible with the key export methods implemented by Microsoft for use with CIFS. The working group consensus was that following Microsoft's direction would have compromised the security and usefulness of the PRF functionality.

Second, there was a desire to include a Java Binding for the prf() method. The Java Binding was removed from the document due to both a technical disagreement within the working group related to how it should be implemented as well as conflicts between IETF and Java Community Process processes.

Protocol Quality

There are no shipping implementations of this extension although there has been broad review and no concerns have been raised regarding the ability to implement the interfaces defined.

Several vendors including MIT's Kerberos team, Heimdal and Sun Microsystems have indicated a desire to implement the extension. Ken Raeburn, Uri Blumenthal and Joe Salowey provided significant review. This document has been reviewed for the IESG by Sam Hartman.

Note to RFC Editor

In draft-ietf-kitten-krb5-gssapi-prf, replace the citation to [rfc1964] with a citation to [cfx] and remove the reference entry for [rfc1964].

Just before section 2, delete the paragraph beginning "mechanisms may limit the output" and ending with "requested."

In draft-ietf-kitten-gssapi-prf, replace the reference to RFC 1750 with a reference to RFC 4086.