Network Working Group                                          D. Moffat
Internet-Draft                                          Sun Microsystems
Expires: June 10, 2002                                 December 10, 2001

                          SSH Agent Forwarding
                      draft-ietf-secsh-agent-00.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.
   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on June 10, 2002.

Copyright Notice

   Copyright (C) The Internet Society (2001). All Rights Reserved.

Abstract

   SSH is a protocol for secure remote login and other secure network
   services over an insecure network. One of the common authentication
   mechanisms used with SSH is public key. This document describes the
   authentication agent forwarding protocol, which runs as a channel
   over [SSH-TRANS]; it is designed to ensure that the sensitive private
   keys never leave the user's control even when using SSH to log in
   over multiple hops.

Table of Contents

   1.   Introduction
   1.1  Agent Operations
   2.   Security Considerations
   3.   Additional Information
        References
        Author's Address
        Full Copyright Statement

1. Introduction

   This protocol is designed to facilitate an ad hoc secure single sign
   A typical scenario is that a user has their private keys stored on
   their laptop (host A) and uses the SSH protocol to remotely connect
   to their corporate VPN (host B) access point, then uses further SSH
   connections to reach a specific host (host C) within the enterprise
   network.

   Without agent forwarding the user is required to have a copy of their
   private key on host A and host B so that the connection to host C can
   be made using public key authentication. The key pairs used for the
   host A to B and the host B to C connections may be the same, but this
   is not always the case.

   This presents a security risk since the user's private key(s) must be
   stored on host B, which is likely to be a host the end user is not in
   control of even though they do trust it. It is likely that the
   private keys on host A and host B are stored in an encrypted format;
   this means the user has at least two passwords to enter to make the
   connection from A to C.

   Ideally the private keys should remain on a device in the direct
   control of the end user (host A in this example), and all encryption
   and signing operations involving the private key should be performed
   on this device, regardless of the location of the entity requesting
   the operation.

1.1 Agent Operations

   The following interactions with the agent are required: ADD, DELETE,
   LIST, SIGN.

   An agent implementation MUST support requests to forward operations
   using all public key types defined in [SSH-USERAUTH], even those that
   the implementation doesn't support natively.

2. Security Considerations

   This protocol is designed only to run as a channel of the SSH
   protocol.

   The goal of this extension is to ensure that the user's private keys
   never leave the machine they are physically at. Ideally the private
   keys should be stored on a password-protected removable medium such
   as a smartcard.
3. Additional Information

   The current document editor is: Darren.Moffat@Sun.COM. Comments on
   this internet draft should be sent to the IETF SECSH working group,
   details at: http://ietf.org/html.charters/secsh-charter.html

References

   [FIPS-186]     Federal Information Processing Standards Publication,
                  "FIPS PUB 186, Digital Signature Standard", May 1994.

   [SSH-ARCH]     Ylonen, T., "SSH Protocol Architecture", I-D
                  draft-ietf-architecture-11.txt, July 2001.

   [SSH-TRANS]    Ylonen, T., "SSH Transport Layer Protocol", I-D
                  draft-ietf-transport-11.txt, July 2001.

   [SSH-USERAUTH] Ylonen, T., "SSH Authentication Protocol", I-D
                  draft-ietf-userauth-13.txt, July 2001.

   [SSH-CONNECT]  Ylonen, T., "SSH Connection Protocol", I-D
                  draft-ietf-connect-14.txt, July 2001.

Author's Address

   Darren J Moffat
   Sun Microsystems
   901 San Antonio Road
   Palo Alto 94303
   USA

   EMail: Darren.Moffat@Sun.COM

Full Copyright Statement

   Copyright (C) The Internet Society (2001). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.
   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.