I-D ACTION:draft-ietf-cat-kerberos-err-msg-00.txt

Internet-Drafts@ietf.org Thu, 27 March 1997 15:00 UTC

Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: IETF-Announce:;
cc: cat-ietf@mit.edu
Sender: ietf-announce-request@ietf.org
From: Internet-Drafts@ietf.org
Reply-to: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-cat-kerberos-err-msg-00.txt
Date: Thu, 27 Mar 1997 09:54:47 -0500
Message-ID: <9703270954.aa17219@ietf.org>

 A New Internet-Draft is available from the on-line Internet-Drafts 
 directories. This draft is a work item of the Common Authentication 
 Technology Working Group of the IETF.                                     

       Title     : Integrity Protection for the Kerberos Error Message     
       Author(s) : A. Medvinsky, M. Hur, D. Brezinski, 
                   G. Tsudik, B. Tung
       Filename  : draft-ietf-cat-kerberos-err-msg-00.txt
       Pages     : 4
       Date      : 03/26/1997

The Kerberos error message, as defined in RFC 1510, is transmitted to the 
client without any integrity assurance.  Therefore, the client has no means
to distinguish between a valid error message sent from the KDC and one sent
by an attacker.  This draft describes a method for assuring the integrity 
of Kerberos error messages, and proposes a consistent format for the e-data
field in the KRB_ERROR message.  This e-data format enables the storage of 
cryptographic checksums by providing an extensible mechanism for specifying
e-data types.                                                              

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
     "get draft-ietf-cat-kerberos-err-msg-00.txt".
A URL for the Internet-Draft is:
ftp://ds.internic.net/internet-drafts/draft-ietf-cat-kerberos-err-msg-00.txt
 
Internet-Drafts directories are located at:	
	                                                
     o  Africa:  ftp.is.co.za                    
	                                                
     o  Europe:  ftp.nordu.net            	
                 ftp.nis.garr.it                 
	                                                
     o  Pacific Rim: munnari.oz.au               
	                                                
     o  US East Coast: ds.internic.net           
	                                                
     o  US West Coast: ftp.isi.edu               
	                                                
Internet-Drafts are also available by mail.	
	                                                
Send a message to:  mailserv@ds.internic.net. In the body type: 
     "FILE /internet-drafts/draft-ietf-cat-kerberos-err-msg-00.txt".
							
NOTE: The mail server at ds.internic.net can return the document in
      MIME-encoded form by using the "mpack" utility.  To use this
      feature, insert the command "ENCODING mime" before the "FILE"
      command.  To decode the response(s), you will need "munpack" or
      a MIME-compliant mail reader.  Different MIME-compliant mail readers
      exhibit different behavior, especially when dealing with
      "multipart" MIME messages (i.e., documents which have been split
      up into multiple messages), so check your local documentation on
      how to manipulate these messages.
							
							

Below is the data which will enable a MIME compliant mail reader 
implementation to automatically retrieve the ASCII version
of the Internet-Draft.

ftp://ds.internic.net/internet-drafts/draft-ietf-cat-kerberos-err-msg-00.txt"><ftp://ds.internic.net/internet-drafts/draft-ietf-cat-kerberos-err-msg-00.txt>

I-D ACTION:draft-ietf-cat-kerberos-err-msg-00.txt Internet-Drafts