[kitten] Protocol Action: 'PKINIT Algorithm Agility' to Proposed Standard (draft-ietf-kitten-pkinit-alg-agility-08.txt)

The IESG <iesg-secretary@ietf.org> Mon, 27 May 2019 14:24 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: kitten@ietf.org
Delivered-To: kitten@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CC17120004; Mon, 27 May 2019 07:24:30 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.97.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, kitten-chairs@ietf.org, Robbie Harwood <rharwood@redhat.com>, rharwood@redhat.com, kitten@ietf.org, kaduk@mit.edu, draft-ietf-kitten-pkinit-alg-agility@ietf.org, rfc-editor@rfc-editor.org
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <155896707056.809.3019849952675149172.idtracker@ietfa.amsl.com>
Date: Mon, 27 May 2019 07:24:30 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/wIKWSRbsmJtOTFk86PE2up8smCY>
Subject: [kitten] Protocol Action: 'PKINIT Algorithm Agility' to Proposed Standard (draft-ietf-kitten-pkinit-alg-agility-08.txt)
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 May 2019 14:24:31 -0000

The IESG has approved the following document:
- 'PKINIT Algorithm Agility'
  (draft-ietf-kitten-pkinit-alg-agility-08.txt) as Proposed Standard

This document is the product of the Common Authentication Technology Next
Generation Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-kitten-pkinit-alg-agility/





Technical Summary

    This document specifies an updated Public Key Cryptography for Initial
    Authentication in Kerberos (PKINIT, rfc4556) which is not dependent on
    SHA-1.  In particular, it describes negotiation for Key Derivation
    Functions, and includes test vectors for these schemes.

    This is a Standards Track document since its core goal is to update
    PKINIT, which is a standard part of Kerberos implementations.
    Accordingly, it updates rfc4556 (PKINIT), which is Standards Track.

Working Group Summary

    This document has been around for quite a long time, originally part of
    krb-wg before being taken up by kitten in the re-charter.  Implementations
    have existed in both MIT krb5 and Heimdal since 2011 and 2008,
    respectively.  Most shaping review happened under krb-wg, but those
    contributors are also participants in kitten.

    This document received review and/or implementation from a significant
    number of working group contributors.  In an ideal world it would have been published much
    sooner, but has been repeatedly deprioritized in favor of other work.

Document Quality

   There are two independent implementations that interoperate and validate
   the test vectors.

Personnel

    Robbie Harwood is the document shepherd.  Benjamin Kaduk is the
    responsible Area Director.