Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-00.txt
Benjamin Kaduk <kaduk@MIT.EDU> Thu, 29 January 2015 22:14 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 754901A887F for <kitten@ietfa.amsl.com>; Thu, 29 Jan 2015 14:14:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U1RdTAvTpwuS for <kitten@ietfa.amsl.com>; Thu, 29 Jan 2015 14:14:03 -0800 (PST)
Received: from dmz-mailsec-scanner-8.mit.edu (dmz-mailsec-scanner-8.mit.edu [18.7.68.37]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B4441A039C for <kitten@ietf.org>; Thu, 29 Jan 2015 14:14:03 -0800 (PST)
X-AuditID: 12074425-f798e6d000000d1a-b0-54cab0a95dcb
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-8.mit.edu (Symantec Messaging Gateway) with SMTP id 76.52.03354.AA0BAC45; Thu, 29 Jan 2015 17:14:02 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id t0TME1Mj016746 for <kitten@ietf.org>; Thu, 29 Jan 2015 17:14:01 -0500
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t0TMDxVf007627 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <kitten@ietf.org>; Thu, 29 Jan 2015 17:14:01 -0500
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id t0TMDxZE028263; Thu, 29 Jan 2015 17:13:59 -0500 (EST)
Date: Thu, 29 Jan 2015 17:13:59 -0500
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: kitten@ietf.org
In-Reply-To: <20150123003504.3896.40306.idtracker@ietfa.amsl.com>
Message-ID: <alpine.GSO.1.10.1501291713230.23489@multics.mit.edu>
References: <20150123003504.3896.40306.idtracker@ietfa.amsl.com>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrKIsWRmVeSWpSXmKPExsUixCmqrLtqw6kQgzUrmS2Obl7F4sDosWTJ T6YAxigum5TUnMyy1CJ9uwSujEs9O1gLTnBVTG6cwNzA+JK9i5GDQ0LARGJyh3YXIyeQKSZx 4d56ti5GLg4hgcVMEhsvtkA5xxklXtxYxA7h3GCSONF9jBGkRUiggVFiznQmEJtFQFti169L zCA2m4CKxMw3G9lAbBEBYYndW9+BxYUFvCU6D10Hq+cUcJRo/LGZCeQKXiB77iwPiJEOEn8X vAErFxXQkVi9fwoLiM0rIChxcuYTMJtZQEti+fRtLBMYBWYhSc1CklrAyLSKUTYlt0o3NzEz pzg1Wbc4OTEvL7VI10IvN7NELzWldBMjKPTYXVR3ME44pHSIUYCDUYmHN6HxZIgQa2JZcWXu IUZJDiYlUd6Na0+FCPEl5adUZiQWZ8QXleakFh9ilOBgVhLhVV0ElONNSaysSi3Kh0lJc7Ao ifNu+sEXIiSQnliSmp2aWpBaBJOV4eBQkuCdux6oUbAoNT21Ii0zpwQhzcTBCTKcB2j4DpAa 3uKCxNzizHSI/ClGRSlxXieQhABIIqM0D64XlhpeMYoDvSLMywVMFEI8wLQC1/0KaDAT0ODA xSdABpckIqSkGhg5PyooTD3mvyz81PIdN/xuHlk9/+E7ue8FKS01sy4sLBM7c2xVyyzp3smP D9wtYzqRMtVJUizv565iU6NgpTquci01388uqWuO1vcqHCv2q54zwflLe5JW3bNny5q31GSa HMpweiNl7fu5sX+JzK+stfwHzkouKEld9dIs4RxfTeoC+Sv3ZpxRYinOSDTUYi4qTgQAT5dX 1OgCAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/5HzdzaCzxdoEE64XRY-CcX7sKh8>
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-00.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jan 2015 22:14:05 -0000
On Thu, 22 Jan 2015, internet-drafts@ietf.org wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Common Authentication Technology Next Generation Working Group of the IETF. > > Title : Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension > Authors : Michiko Short > Seth Moore > Paul Miller > Filename : draft-ietf-kitten-pkinit-freshness-00.txt > Pages : 8 > Date : 2015-01-22 > > Abstract: > This document describes how to further extend the Public Key > Cryptography for Initial Authentication in Kerberos (PKINIT) > extension [RFC4556] to exchange an opaque data blob which a KDC can > validate to ensure that the client is currently in possession of the > private key during a PKInit AS exchange. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-kitten-pkinit-freshness/ > > There's also a htmlized version available at: > http://tools.ietf.org/html/draft-ietf-kitten-pkinit-freshness-00 I think these updates look good. If no other comments come in, we should probably add this to the queue for WGLC. -Ben
- [kitten] I-D Action: draft-ietf-kitten-pkinit-fre… internet-drafts
- Re: [kitten] I-D Action: draft-ietf-kitten-pkinit… Benjamin Kaduk
- Re: [kitten] I-D Action: draft-ietf-kitten-pkinit… Greg Hudson
- Re: [kitten] I-D Action: draft-ietf-kitten-pkinit… Michiko Short
- Re: [kitten] I-D Action: draft-ietf-kitten-pkinit… Greg Hudson