[Ietf-krb-wg] Working Group Last call: New charter

Sam Hartman <hartmans-ietf@mit.edu> Sun, 24 April 2011 23:55 UTC


This message starts a final call for comments from the working group on
the new charter.  The charter is not a WG consensus document: the
charter is a consensus of the IESG. However the IESG takes the input of
the working group being chartered very seriously, so thinking of this
like a normal WG last call is about right.

Please submit comments no later than Friday May 6, 2011.  If it looks
like things are going well, the chairs will start working with authors
to resolve milestones before that point.

Description of Working Group:

Kerberos over the years has been ported to virtually every operating
system.  There are at least two open source versions, with numerous
commercial versions based on these and other proprietary implementations.
Kerberos evolution has continued in recent years, with the development
of new crypto and preauthentication frameworks, support for initial
authentication using public keys, improved support for protecting
clients' long-term keys during initial authentication, support for
anonymous and partially-anonymous authentication, and numerous
extensions developed in and out of the IETF.

However, wider deployment and advances in technology bring with them
both new challenges and new opportunities, such as exploring support
for new mechanisms for initial authentication, new cryptographic
technologies, and better integration of Kerberos with other systems
for authentication, authorization, and identity management.
In addition, several key features remain undefined.

The Kerberos Working Group will continue to improve the core Kerberos
specification, develop extensions to address new needs and technologies
related to the areas described above, and produce specifications for
missing functionality.


Specifically, the Working Group will:

* Complete existing work, including:
   - DHCP Option               (draft-sakane-dhc-dhcpv6-kdc-option-10.txt)
   - KDC Data Model            (draft-ietf-krb-wg-kdc-model-09.txt)
   - One-Time Passwords        (draft-ietf-krb-wg-otp-preauth-16.txt)
   - IAKERB                    (draft-ietf-krb-wg-iakerb-02.txt)
   - Single-DES Deprecation    (draft-lha-des-die-die-die-05.txt)
   - IANA registry creation    (draft-lha-krb-wg-some-numbers-to-iana)
   - Hash agility for GSS-KRB5 (draft-ietf-krb-wg-gss-cb-hash-agility-06.txt)
   - Hash agility for PKINIT   (draft-ietf-krb-wg-pkinit-alg-agility-05.txt)
   - Referrals                 (draft-ietf-krb-wg-kerberos-referrals-12.txt)
   - Set/Change Password       (draft-ietf-krb-wg-kerberos-set-passwd-08.txt)

* Prepare and advance one or more standards-track specifications which
  update the Kerberos version 5 protocol to support non-ASCII principal
  and realm names, salt strings, and passwords, and localized error
  reporting.  Maximizing backward compatibility is strongly desired.
  
* Prepare and advance one or more standards-track specifications which
  update the Kerberos version 5 protocol in a backward-compatible way
  to support extending the unencrypted portion of a Kerberos ticket.

* Prepare, review, and advance standards-track and informational
  specifications defining use of new cryptographic algorithms in the
  Kerberos protocol, on an ongoing basis.

* Prepare, review, and advance standards-track and informational
  specifications defining use of new cryptographic algorithms in
  Kerberos using the RFC3961 framework.  Cryptographic algorithms
  intended for standards track status must be of good quality, have
  broad international support, and fill a definite need.


* Prepare, review, and advance standards-track and informational
  specifications defining new authorization data types for carrying
  supplemental information about the client to which a Kerberos ticket
  has been issued and/or restrictions on what the ticket can be used
  for. To enhance this ongoing authorization data work, a container
  format supporting the use cases of draft-sorce-krbwg-general-pac-01
  may be standardized.

* Prepare a standards-track protocol to solve the use cases addressed
  by draft-hotz-kx509-01 including new support for digital signatures.

* Prepare and advance one or more standards-track specifications
  which define mechanisms for establishing keys and configuration
  information used during authentication between Kerberos realms.
  
* Prepare and advance a standards-track specification defining a
  format for the transport of Kerberos credentials within other
  protocols.

* Produce an LDAP schema for management of the KDC's database.


