2.6.6 Kerberos WG (krb-wg)

NOTE: This charter is a snapshot of the 61st IETF Meeting in Washington, DC USA. It may now be out-of-date.

Last Modified: 2004-09-28

Chair(s):

Jeffrey Hutzelman <jhutz@cmu.edu>

Security Area Director(s):

Russell Housley <housley@vigilsec.com>
Steven Bellovin <smb@research.att.com>

Security Area Advisor:

Russell Housley <housley@vigilsec.com>

Mailing Lists:

General Discussion: ietf-krb-wg@anl.gov
To Subscribe: majordomo@anl.gov
In Body: subscribe ietf-krb-wg your_email_address
Archive: ftp://ftp.ietf.org/ietf-mail-archive/krb-wg/

Description of Working Group:

Kerberos over the years has been ported to virtually every operating
system. There are at least two open source versions, with numerous
commercial versions based on these and other proprietary
implementations. Kerberos evolution has continued over the years, and
interoperability has been problematic.  A number of draft proposals
have been issued concerning aspects of new or extended functionality.

The group will strive to improve the interoperability of these
systems while improving security.

Specifically, the Working Group will:

* Clarify and amplify the Kerberos specification (RFC 1510) so that
  interoperability problems encountered in the past because of unclear
  specifications do not happen again.  The output of this process
  should be suitable for Draft Standard status.

* Select from existing proposals on new or extended functionality those
  that will add significant value while improving interoperability and
  security, and publish these as one or more Proposed Standards.

Goals and Milestones:

Done  First meeting
Done  Submit the Kerberos Extensions document to the IESG for consideration as a Proposed standard.
Dec 03  Complete first draft of Pre-auth Framework
Jan 04  Complete first draft of Extensions
Done  Submit K5-GSS-V2 document to IESG for consideration as a Proposed Standard
Mar 04  Submit the PKINIT document to the IESG for consideration as a Proposed Standard.
Apr 04  Submit Extensions document to IESG for consideration as a Proposed Standard
Apr 04  Submit Change/Set Password document to IESG for consideration as a Proposed Standard
May 04  Submit Pre-auth Framework document to IESG for consideration as a Proposed Standard
Oct 04  Submit PKCROSS to IESG for consideration as a Proposed Standard
Nov 04  Charter Review, update of milestones and refinement of goals.

Internet-Drafts:

  • draft-ietf-cat-kerberos-pk-init-21.txt
  • draft-raeburn-krb-rijndael-krb-07.txt
  • draft-ietf-krb-wg-kerberos-referrals-05.txt
  • draft-ietf-krb-wg-crypto-07.txt
  • draft-ietf-krb-wg-kerberos-clarifications-07.txt
  • draft-ietf-krb-wg-kerberos-sam-03.txt
  • draft-ietf-krb-wg-kerberos-set-passwd-02.txt
  • draft-ietf-krb-wg-gssapi-cfx-07.txt
  • draft-ietf-krb-wg-preauth-framework-02.txt
  • draft-ietf-krb-wg-ocsp-for-pkinit-01.txt
  • draft-ietf-krb-wg-sha1-00.txt

    No Requests for Comments

    Current Meeting Report

    DRAFT Minutes for krb-wg at IETF61

    ** IETF 61 - San Diego, CA
    ** Kerberos Working Group
    ** Wed, Nov 10, 2004 - 13:30-15:30
    Chair:  Jeffrey Hutzelman
    Scribes: Ken Hornstein, Jeffrey Altman, Wayne Morrison
    * Agenda:
      + Preliminaries - Jeffrey Hutzelman (5 min)
      + Document Status - Jeffrey Hutzelman (5 min)
      + Extensions - Tom Yu (30 min)
      + PKINIT - Brian Tung (20 min)
      + OCSP for PKINIT - Larry Zhu (5 min)
      + SHA-1 - Ken Raeburn (5 min)
      + Preauthentication Framework - Sam Hartman (15 min)
      + Referrals - Larry Zhu (5 min)
      + Set/Change Password - Nico Williams (10 min)
      + Update Milestones - Chair and Participants (10 min)
    * Document Status
      The chairs reviewed the status of several documents moving through
      the IETF process, and solicited comments on a couple of issues...
      + Crypto Framework
        - The crypto framework is near the top of the RFC-Editor queue,
          and is expected to enter author's 48 hours in the next few
          weeks.  There are two changes of note which will be made in
          that period.
        - The first change is the inclusion of the PRF as discussed at
          the last meeting and on the mailing list.
        - The second change is a correction to the description of how
          checksums are calculated for the DES enctypes.  As written,
          the document is inconsistent on whether checksums for these
          enctypes should cover padding.  Existing implementations do
          include padding in the checksums, and the document will be
          updated to specify that.
      + GSSAPI-CFX
        - The GSSAPI mechanism is still in the RFC-Editor queue.
        - Larry believes it is important to import into this document
          the text on name types from RFC1964 (with suitable updates
          to references), so that implementors who are only targeting
          "new" enctypes will be able to refer only to the new document.
          This has been discussed with Russ, who will run the change
          past the IESG if the WG agrees it is the right thing to do.
        - The issue of the naming text is still under discussion on the
          mailing list; please comment there.
        - There is no ticket for the naming issue.
      + AES
        - The AES document was approved by the IESG and is now in the
          RFC-Editor queue.
      + Kerberos Clarifications
        - Clarifications was approved by the IESG and is now in the
          RFC-Editor queue.  We're going to try not to call it back...
      + GSSAPI Mechanism Extensions
        - Nico has two documents which relate to extending the Kerberos
          GSSAPI mechanism to support GSSAPI extensions being considered
          in KITTEN.
        - draft-williams-krb5-gssapi-domain-based-names-00.txt
        - draft-williams-krb5-gssapi-prf-00.txt
        - These documents will be worked on and discussed in the KITTEN
          working group.
        - Last call will occur in both KITTEN and KRB-WG.
        - Any KRB-WG participants who are interested in these documents
          but have no interest in the rest of KITTEN's work and would
          have a problem with the work happening there should contact the
    * Extensions
      + Tom Yu gave an overview of the current status of extensions and
        some of the open issues.
      + There was a brief discussion on the issue of identifying typed
        holes using relative OID's.
        - Tom indicated there had been some concerns about using relative
          rather than absolute OID's since it would restrict use to a
          subset of the OID namespace which would likely contain only
          an arc belonging to Kerberos.
        - Sam indicated that this had been discussed in Boulder, and that
          we should stick with the decision made there unless someone
          specifically asked to reopen the issue.
        - Someone asked whether built-in compression in encoding would
          help with OID's with long prefixes.  Tom indicated that the
          constant prefix could be fairly long.
        - The chair reviewed the minutes from Boulder, and found that the
          issue had been discussed extensively and while the minutes made
          no mention of discussion specifically about absolute-vs-relative,
          the decision to allow OID's at all did specifically mention
          relative OID's.
        - Discussion about OID assignment policy was deferred in Boulder,
          and again today.
      + There was a discussion on notational conventions for referring
        to ASN.1 types and fields in the body of the text.
        - Clarifications is inconsistent on this point.
        - Tom gave examples of 4 methods used in clarifications.
        - There was strong agreement that the ALL_CAPS method was not good.
        - Agreement to use single or double quotes at the editor's discretion.
      + Tom listed some issues which still need to be resolved, but which
        were not discussed at the meeting.
      + The document will be republished as a WG document after the I-D
        submission blackout period.  There was some discussion about the
        title and filename for the new document.
    * PKINIT
      + Brian Tung gave an overview of the status of PKINIT.  Many of the
        open issues have now been closed.
      + Larry Zhu will be joining Brian as co-editor of PKINIT.
      + DER vs BER has been resolved; thanks to all who participated.
      + Nico Williams will write up text for how to indicate PKINIT support.
      + Sam Hartman will write up comments on unauthenticated plaintext.
      + Larry Zhu will send a concrete proposal for client name mapping.
      + There was discussion of ticket #666, related to removing the
        encryptionCert field.
        - It was previously proposed that this field be removed unless
          someone could identify what it was for, and the field went
          away in pkinit-20.
        - Love pointed out that the field was for supporting the case
          where the client's main cert was signing-only.
        - The chair conducted a poll to determine whether there was a
          desire to support solving the signing-only certs problem by
          using encryption certs instead of DH.  The sense of the room
          was strongly in favor of considering DH sufficient.
        - This issue will be revisited and validated on the list.
      + There was discussion of ticket #526, which is about the issue of
        constraints on subjectAltName/OtherName/KRB5PrincipalName.
        - Love Hörnquist-Åstrand pointed out there is currently no way
          to have constraints on this field, so you can't do things like
          issue a CA cert that is going only for one realm.
        - Russ Housley pointed out this is because AnotherName can be
          extended arbitrarily, so there is no way to have a defined
        - Nico says if a client asserts a cname, it's up to the KDC to
          implement policy.
        - Love asks if an ASN.1-encoded structure as the value for the
          otherName is a good idea, or if it should just be a string.
          There does not seem to be agreement for a change.
        - Sam Hartman says the strongest argument against doing constraints
          is that the KDC is always in the loop and can enforce any
          name constraints it wants.
        - Russ Housley says he finds KDC-in-the-loop a compelling argument.
        - Jeffrey Hutzelman asked whether a constraint type defined in the
          future could be made critical.
        - Russ checked the specs, and determined that name constraints
          MUST be critical.
        - This issue can be addressed in the future without problems.
      + Sam Hartman made a proposal for handling of checksums in PKINIT
        - The basic problem is that Kerberos checksums aren't intended to
          be used for what PKINIT uses them for.  They're good for Kerberos
          operations, not random oracle DH operations.  Some people have
          suggested that kcrypto should provide suitable operations; Sam
          has objected.  Anything doing DH already has to do DH group
          negotiation.  Ken Raeburn went through the work of writing up
          unkeyed SHA-1, but discovered it didn't fit the model.
        - The proposal is to use a raw SHA-1 checksum now, and add a way
          to do negotiation later.
        - Sense of the room was in favor of not doing negotiation now.
          This will be revisited and validated on the mailing list.
    * OCSP for PKINIT
      + Larry Zhu gave a presentation on the status of OCSP for PKINIT.
      + Draft was sent to the list, but there hasn't been any feedback.
        Please read and post comments.
      + Draft will be last called soon.
    * SHA-1
      + There was no presentation on the SHA-1 document.  Based on the
        direction we've chosen for PKINIT, this document will likely be
        allowed to expire.
    * Preauthentication Framework
      + Sam Hartman talked briefly on the preauth framework.  He is at the
        point where he needs a co-editor.
      + There was discussion as to which Kerberos revision to target.
        - Sam asked whether we expect there to be enough clarifications-era
          preauth mechanisms that the framework will be needed.
        - Nico thinks preauth should target extensions.
        - Agreement seems to be to target extensions only
      + This is low priority for now.
    * Referrals
      + Larry Zhu gave a presentation on the current state of Referrals.
        He believes the document is close to ready for last call, but it
        has not received enough review.
    * Set/Change Password
      + Nico Williams gave a non-presentation on the Set/Change Password
        document.  There have been no interesting developments since the
        last meeting.  The major issue at the moment is still
      + Nico asked for some indication that it is the consensus of the WG
        that he is going in the right direction with this document.
    * Update Milestones
      + The following new and updated milestones were agreed on:
        DONE      Complete first draft of Pre-auth framework
        DONE      Complete first draft of Extensions
        Nov 2004  Last call on PKINIT
        Nov 2004  Last call on OCSP for PKINIT
        Feb 2005  Consensus on direction for Change/Set password
        Mar 2005  Major issues resolved on Extensions
        Jun 2005  Last call on Extensions
        Jun 2005  Last call on Referrals
        Sep 2005  Last call on Change/Set password
        Sep 2005  Charter Review
        DROP      Submit Pre-auth Framework document to IESG...
        DROP      Submit PKCROSS to IESG...
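The crypto-framework change recorded above (checksums for the DES enctypes covering the padding) is easier to see in code. The following is an added example written for this page, not code from the working group or from any Kerberos implementation. It follows the des-cbc-md5 message layout of RFC 3961 as I read it (confounder, checksum, message, padding, with the checksum computed over the whole padded buffer while the checksum field is zeroed) and leaves out the DES-CBC encryption step, since the point at issue is only what the checksum covers. The sample messages at the bottom are constructed.

```python
"""
Pre-encryption layout of a Kerberos des-cbc-md5 message, built to show what the
checksum covers.  Added example following the RFC 3961 description of the DES
enctypes as I read it; not code from the WG or any Kerberos implementation.
The DES-CBC encryption of the finished buffer is deliberately omitted.
"""
import hashlib
import hmac
import os
from typing import Optional

BLOCK = 8        # DES block size; the DES enctypes pad the plaintext to a multiple of this
CKSUM_LEN = 16   # MD5 digest length (des-cbc-md5)


def pad_len(msg_len: int) -> int:
    """Padding needed so confounder + checksum + message fills whole DES blocks."""
    return (-(BLOCK + CKSUM_LEN + msg_len)) % BLOCK


def build_plaintext(msg: bytes, confounder: Optional[bytes] = None) -> bytes:
    """Return confounder | checksum | msg | pad, ready for DES-CBC.

    The MD5 checksum is computed over the entire padded buffer with the checksum
    field zeroed, so the padding bytes are covered; that is what existing
    implementations do and what the document will now say.  The checksum is
    unkeyed: the DES enctypes get integrity from the encryption layer.
    """
    if confounder is None:
        confounder = os.urandom(BLOCK)
    if len(confounder) != BLOCK:
        raise ValueError("confounder must be exactly one DES block")
    buf = bytearray(confounder + bytes(CKSUM_LEN) + msg + bytes(pad_len(len(msg))))
    buf[BLOCK:BLOCK + CKSUM_LEN] = hashlib.md5(buf).digest()
    return bytes(buf)


def verify_plaintext(buf: bytes, msg_len: int, cover_padding: bool = True) -> bool:
    """Check the checksum of a decrypted buffer.

    cover_padding=True is the reading the WG agreed to specify.  cover_padding=False
    models the other reading of the draft text (hash stops at the end of the
    message); msg_len is needed for that reading because the padding boundary is
    only known from the encapsulated data's own length.
    """
    if len(buf) % BLOCK or len(buf) < BLOCK + CKSUM_LEN + msg_len:
        return False
    stored = buf[BLOCK:BLOCK + CKSUM_LEN]
    zeroed = bytearray(buf)
    zeroed[BLOCK:BLOCK + CKSUM_LEN] = bytes(CKSUM_LEN)
    end = len(buf) if cover_padding else BLOCK + CKSUM_LEN + msg_len
    return hmac.compare_digest(hashlib.md5(zeroed[:end]).digest(), stored)


def extract_message(buf: bytes, msg_len: int) -> bytes:
    """Strip confounder, checksum and padding once the checksum has been verified."""
    return buf[BLOCK + CKSUM_LEN:BLOCK + CKSUM_LEN + msg_len]


def readings_disagree(msg: bytes) -> bool:
    """True when the two readings of the draft reject each other's messages.

    They diverge only when padding is actually present; a message whose length
    leaves the buffer block-aligned verifies either way, which is how the
    inconsistency could go unnoticed in testing.
    """
    buf = build_plaintext(msg, bytes(BLOCK))   # fixed confounder: deterministic answer
    return verify_plaintext(buf, len(msg), True) != verify_plaintext(buf, len(msg), False)


if __name__ == "__main__":
    for m in (b"krbtgt/EXAMPLE.COM", b"12345678"):    # constructed sample messages
        print(len(m), "byte message, pad", pad_len(len(m)),
              "readings disagree:", readings_disagree(m))
```

An 18-byte message needs six bytes of padding, so a sender that hashes the padding and a receiver that stops at the message boundary reject each other's traffic; an 8-byte message needs none and passes under both readings, which is why an interoperability bug of this kind only shows up on some message sizes.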

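On the relative-vs-absolute OID question from the Extensions discussion, the wire cost is what the remark that "the constant prefix could be fairly long" is about. The following is an added example, not code from the working group: a minimal DER encoder and decoder for both OBJECT IDENTIFIER and RELATIVE-OID, written to X.690 as I read it. KRB5_ARC is id-krb5 (1.3.6.1.5.2) from RFC 4120; the typed-hole suffixes such as (3, 1) are made up for illustration and are not identifiers assigned by anyone.

```python
"""
DER size of naming a typed hole by absolute OBJECT IDENTIFIER versus RELATIVE-OID.
Added example written for this page; encoders follow X.690 as I read it and
KRB5_ARC is id-krb5 from RFC 4120.  Suffix arcs used for illustration are made up.
"""
from typing import List, Sequence, Tuple

KRB5_ARC = (1, 3, 6, 1, 5, 2)   # iso.org.dod.internet.security.kerberosV5 (id-krb5)


def _base128(n: int) -> bytes:
    """One sub-identifier: big-endian 7-bit groups, high bit set on all but the last."""
    groups = [n & 0x7F]
    n >>= 7
    while n:
        groups.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(groups))


def _der_length(n: int) -> bytes:
    """Definite-length header: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def encode_oid(arcs: Sequence[int]) -> bytes:
    """OBJECT IDENTIFIER (tag 0x06): the first two arcs collapse into 40*a+b."""
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39) or min(arcs) < 0:
        raise ValueError("not a valid absolute OID")
    content = _base128(40 * arcs[0] + arcs[1]) + b"".join(_base128(a) for a in arcs[2:])
    return b"\x06" + _der_length(len(content)) + content


def encode_relative_oid(arcs: Sequence[int]) -> bytes:
    """RELATIVE-OID (tag 0x0D): every arc is its own sub-identifier, no root, no collapse."""
    if not arcs or min(arcs) < 0:
        raise ValueError("relative OID needs at least one non-negative arc")
    content = b"".join(_base128(a) for a in arcs)
    return b"\x0d" + _der_length(len(content)) + content


def _split_subids(content: bytes) -> List[int]:
    """Split base-128 content into sub-identifiers, rejecting non-minimal or cut-off ones."""
    subids, n, at_start = [], 0, True
    for b in content:
        if at_start and b == 0x80:
            raise ValueError("non-minimal sub-identifier")   # DER forbids a leading 0x80
        n = (n << 7) | (b & 0x7F)
        at_start = not (b & 0x80)
        if at_start:
            subids.append(n)
            n = 0
    if not at_start:
        raise ValueError("truncated sub-identifier")
    return subids


def decode(der: bytes) -> Tuple[str, List[int]]:
    """Decode either form; returns ("OID" or "RELATIVE-OID", arcs)."""
    if len(der) < 2:
        raise ValueError("too short")
    tag, first = der[0], der[1]
    if first & 0x80:
        nlen = first & 0x7F
        length, off = int.from_bytes(der[2:2 + nlen], "big"), 2 + nlen
    else:
        length, off = first, 2
    content = der[off:off + length]
    if off + length != len(der) or not content:
        raise ValueError("bad length")
    subids = _split_subids(content)
    if tag == 0x06:
        head = subids[0]
        root = [head // 40, head % 40] if head < 80 else [2, head - 80]
        return "OID", root + subids[1:]
    if tag == 0x0D:
        return "RELATIVE-OID", subids
    raise ValueError("tag %#x is not an OID form" % tag)


def typed_hole_cost(suffix: Sequence[int]) -> Tuple[int, int]:
    """Bytes on the wire for a hole named under id-krb5 absolutely vs relative to that arc."""
    return len(encode_oid(tuple(KRB5_ARC) + tuple(suffix))), len(encode_relative_oid(suffix))


if __name__ == "__main__":
    for suffix in ((3, 1), (3, 1, 4, 1)):     # made-up suffixes, not assigned identifiers
        print(suffix, "absolute/relative bytes:", typed_hole_cost(suffix))
```

Naming a hole as 1.3.6.1.5.2.3.1 absolutely costs 9 bytes on the wire; the relative form under id-krb5 costs 4, and the saving is the fixed 5-byte prefix whatever the depth. The price of the relative form is the restriction raised in the meeting: a RELATIVE-OID means nothing without an agreed base arc, so only holes registered under that arc can be named.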
    Slides:

    Update on Kerberos Extensibility
    KDC Referrals