Re: [Ietf-krb-wg] Rechartering

Jeffrey Hutzelman <jhutz@cmu.edu> Fri, 25 March 2011 07:11 UTC


Version 01 of the draft charter appears below.  This should address all
of the specific comments, additions, and corrections I have received.

Except for Nico, I haven't heard much from the working group on the
question of how broad a scope we want or how open-ended the charter
should be.  I would like to hear more on this topic.  I also wouldn't
mind hearing from an AD or three...

-- Jeff



Description of Working Group:

Kerberos over the years has been ported to virtually every operating
system.  There are at least two open source versions, with numerous
commercial versions based on these and other proprietary
implementations.
Kerberos evolution has continued in recent years, with the development
of new crypto and preauthentication frameworks, support for initial
authentication using public keys, improved support for protecting
clients' long-term keys during initial authentication, support for
anonymous and partially-anonymous authentication, and numerous
extensions developed in and out of the IETF.

However, wider deployment and advances in technology bring with them
both new challenges and new opportunities, such as exploring support
for new mechanisms for initial authentication, new cryptographic
technologies, and better integration of Kerberos with other systems
for authentication, authorization, and identity management.
In addition, several key features remain undefined.

The Kerberos Working Group will continue to improve the core Kerberos
specification, develop extensions to address new needs and technologies
related to the areas described above, and produce specifications for
missing functionality.


Specifically, the Working Group will:

* Complete existing work, including:
   - DHCP Option               (draft-sakane-dhc-dhcpv6-kdc-option-10.txt)
   - KDC Data Model            (draft-ietf-krb-wg-kdc-model-09.txt)
   - One-Time Passwords        (draft-ietf-krb-wg-otp-preauth-16.txt)
   - IAKERB                    (draft-ietf-krb-wg-iakerb-02.txt)
   - Single-DES Deprecation    (draft-lha-des-die-die-die-05.txt)

   - Hash agility for GSS-KRB5 (draft-ietf-krb-wg-gss-cb-hash-agility-06.txt)
   - Hash agility for PKINIT   (draft-ietf-krb-wg-pkinit-alg-agility-05.txt)
   - Referrals                 (draft-ietf-krb-wg-kerberos-referrals-12.txt)
   - Set/Change Password       (draft-ietf-krb-wg-kerberos-set-passwd-08.txt)

* Prepare and advance one or more standards-track specifications which
  update the Kerberos version 5 protocol in a backward-compatible way
  to support non-ASCII principal and realm names, salt strings, and
  passwords, and localized error reporting.
  
* Prepare and advance one or more standards-track specifications which
  update the Kerberos version 5 protocol in a backward-compatible way
  to enable future protocol revisions and extensions.

* Prepare, review, and advance standards-track and informational
  specifications defining use of new cryptographic algorithms in the
  Kerberos protocol, on an ongoing basis.

* Prepare, review, and advance standards-track and informational
  specifications defining new authorization data types for carrying
  supplemental information about the client to which a Kerberos
  ticket has been issued and/or restrictions on what the ticket can
  be used for.

* Prepare a standards-track protocol to solve the use cases addressed
  by draft-hotz-kx509-01 including new support for digital signatures.

* Prepare and advance one or more standards-track specifications
  which define mechanisms for establishing keys and configuration
  information used during authentication between Kerberos realms.
  
* Prepare and advance a standards-track specification defining a
  format for the transport of Kerberos credentials within other
  protocols.

* Produce an LDAP schema for management of the KDC's database.

