Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-00.txt

Benjamin Kaduk <kaduk@MIT.EDU> Thu, 29 January 2015 22:14 UTC

Date: Thu, 29 Jan 2015 17:13:59 -0500
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: kitten@ietf.org
In-Reply-To: <20150123003504.3896.40306.idtracker@ietfa.amsl.com>
Message-ID: <alpine.GSO.1.10.1501291713230.23489@multics.mit.edu>
References: <20150123003504.3896.40306.idtracker@ietfa.amsl.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/5HzdzaCzxdoEE64XRY-CcX7sKh8>

On Thu, 22 Jan 2015, internet-drafts@ietf.org wrote:

>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>  This draft is a work item of the Common Authentication Technology Next Generation Working Group of the IETF.
>
>         Title           : Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension
>         Authors         : Michiko Short
>                           Seth Moore
>                           Paul Miller
>         Filename        : draft-ietf-kitten-pkinit-freshness-00.txt
>         Pages           : 8
>         Date            : 2015-01-22
>
> Abstract:
>    This document describes how to further extend the Public Key
>    Cryptography for Initial Authentication in Kerberos (PKINIT)
>    extension [RFC4556] to exchange an opaque data blob which a KDC can
>    validate to ensure that the client is currently in possession of the
>    private key during a PKInit AS exchange.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-kitten-pkinit-freshness/
>
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-ietf-kitten-pkinit-freshness-00


I think these updates look good.  If no other comments come in, we should
probably add this to the queue for WGLC.

-Ben