[saag] krb-wg report

Larry Zhu <lzhu@windows.microsoft.com> Thu, 26 March 2009 19:58 UTC

Return-Path: <lzhu@windows.microsoft.com>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 209F13A69F7 for <saag@core3.amsl.com>; Thu, 26 Mar 2009 12:58:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.959
X-Spam-Status: No, score=-106.959 tagged_above=-999 required=5 tests=[AWL=3.640, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id FFIGq6OovY3b for <saag@core3.amsl.com>; Thu, 26 Mar 2009 12:58:13 -0700 (PDT)
Received: from smtp.microsoft.com (mailc.microsoft.com []) by core3.amsl.com (Postfix) with ESMTP id 643B93A6955 for <saag@ietf.org>; Thu, 26 Mar 2009 12:57:54 -0700 (PDT)
Received: from TK5-EXHUB-C102.redmond.corp.microsoft.com ( by TK5-EXGWY-E803.partners.extranet.microsoft.com ( with Microsoft SMTP Server (TLS) id; Thu, 26 Mar 2009 12:58:48 -0700
Received: from tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com ( by TK5-EXHUB-C102.redmond.corp.microsoft.com ( with Microsoft SMTP Server id; Thu, 26 Mar 2009 12:58:47 -0700
Received: from NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com ([fe80::8de9:51a2:cd62:f122]) by tk5-exmlt-w602.wingroup.windeploy.ntdev.microsoft.com ([]) with mapi; Thu, 26 Mar 2009 12:58:46 -0700
From: Larry Zhu <lzhu@windows.microsoft.com>
To: "saag@ietf.org" <saag@ietf.org>, "ietf-krb-wg@anl.gov" <ietf-krb-wg@anl.gov>
Date: Thu, 26 Mar 2009 12:58:46 -0700
Thread-Topic: krb-wg report
Thread-Index: AcmuTUXIWv7mlqGaTfCfal0noKcm4A==
Message-ID: <AB1E5627D2489D45BD01B84BD5B9004614F5954BA3@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_AB1E5627D2489D45BD01B84BD5B9004614F5954BA3NAEXMSGW601wi_"
MIME-Version: 1.0
Subject: [saag] krb-wg report
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Mar 2009 19:58:14 -0000

Krb-wg met Tuesday afternoon.

Chair: Jeffrey Hutzelman and Larry Zhu

Scribe: Shawn Emery

AD: Tim Polk

We reviewed the changes in our current Internet Drafts.  We discussed issues raised in list discussions and consensus calls. There are two outstanding issues for draft-josefsson-kerberos5-starttls, namely KDC-certificate validation and channel bindings.  It is noted that current starttls implementations can only handle pre-shared certificates. We decided that starttls should require certificate validation using pre-shared certificates. There is no consensus how the certificates can be verified otherwise with alternative options involving various EKUs and SANs proposed.  The lack of channel bindings will be handled in a separate document. Due to these limitations, the starttls document should be published as is as informational, except to update it to reflect the certificate validation decision. The channel binding document krb5starttls-bootstrap is adopted as a working group item. These decisions are to be verified on the list.

We then discussed an issue involving the RFC3961 PRF for AES. We found that all current implementations truncate the output to multiple of AES cipher block size 16 bytes while the specification in RFC3961 does not truncate. We decided to adopt the PRF with truncation as the official PRF but we are to find out what is the right process to do this and we will involve the document author Ken and security AD Tim Polk. The decision is to be verified on the list.

After the PRF discussion, we turned our attention to two issues in the preauth document. Sam made the presentation. One is how to detect thus prevent the FAST padata from being stripped by active attackers. An AD element will be used to indicate FAST padata is used to mitigate the threat. Another issue is that TLS-finished style checksum adds some complexity to implementers but no significant benefits. We will remove the finished checksum in the next revision.

We also have the following additional action items and decisions:

1) Updates to the data model document have been made based on WGLC comments. We will start another WGLC. Follow up: jhutz and Leif.

2) Anonymity document has one new open issue regard to exported names. Larry Zhu is going to propose a solution and go through the list. We have good and healthy discussions. Followup: Larry

3) Love proposed an alternative proposal to use the server nonce to allow both the client and the KDC contribute the ticket Session key. Larry Zhu and/love will write up the idea and propose it to the list. Followup: Larry and Love.

4) IAKERB WGLC is concluded. One comment is to be addressed by adding appropriate text to the security considerations section. Followup: Larry to update, and Jhutz to forward it to IESG

5) Ticket extensions adopted as work group item. Followup: jhutz

6) DHCP options to be added to allow KDC discovery, adopted as working group item, and to update the krb-wg charter. Followup: jhutz

7) The preauth ID to be updated and start WGLC. Followup: Sam Hartman to publish -11 based on the group decisions, 3 designated volunteer reviewers to complete review in the next weeks timeframe: Cliff Newman, Love, and Nicolas Williams