[kitten] Protocol Action: 'PKINIT Algorithm Agility' to Proposed Standard (draft-ietf-kitten-pkinit-alg-agility-08.txt)
The IESG <iesg-secretary@ietf.org> Mon, 27 May 2019 14:24 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: kitten@ietf.org
Delivered-To: kitten@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CC17120004; Mon, 27 May 2019 07:24:30 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.97.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, kitten-chairs@ietf.org, Robbie Harwood <rharwood@redhat.com>, rharwood@redhat.com, kitten@ietf.org, kaduk@mit.edu, draft-ietf-kitten-pkinit-alg-agility@ietf.org, rfc-editor@rfc-editor.org
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <155896707056.809.3019849952675149172.idtracker@ietfa.amsl.com>
Date: Mon, 27 May 2019 07:24:30 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/wIKWSRbsmJtOTFk86PE2up8smCY>
Subject: [kitten] Protocol Action: 'PKINIT Algorithm Agility' to Proposed Standard (draft-ietf-kitten-pkinit-alg-agility-08.txt)
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 May 2019 14:24:31 -0000
The IESG has approved the following document: - 'PKINIT Algorithm Agility' (draft-ietf-kitten-pkinit-alg-agility-08.txt) as Proposed Standard This document is the product of the Common Authentication Technology Next Generation Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-kitten-pkinit-alg-agility/ Technical Summary This document specifies an updated Public Key Cryptography for Initial Authentication in Kerberos (PKINIT, rfc4556) which is not dependent on SHA-1. In particular, it describes negotiation for Key Derivation Functions, and includes test vectors for these schemes. This is a Standards Track document since its core goal is to update PKINIT, which is a standard part of Kerberos implementations. Accordingly, it updates rfc4556 (PKINIT), which is Standards Track. Working Group Summary This document has been around for quite a long time, originally part of krb-wg before being taken up by kitten in the re-charter. Implementations have existed in both MIT krb5 and Heimdal since 2011 and 2008, respectively. Most shaping review happened under krb-wg, but those contributors are also participants in kitten. This document received review and/or implementation from a significant number of working group contributors. In an ideal world it would have been published much sooner, but has been repeatedly deprioritized in favor of other work. Document Quality There are two independent implementations that interoperate and validate the test vectors. Personnel Robbie Harwood is the document shepherd. Benjamin Kaduk is the responsible Area Director.