Kerberos WG (krb-wg) MONDAY, March 17 at 1300-1500 ============================== CHAIR: Doug Engert AGENDA: Introduction Doug Engert - 5 min Agenda bashing, appointing a scribe "The Kerberos Network Authentication Service (V5)" http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-03.txt Cliff Neuman - xx min Status: The Clarifications had one WG last call, and changes were requested. We wouldlike to start another WG last call at the WG meeting, so if you have any comments please get them in, or come to the meeting. (If you read nothing else, please read this document!) (As of 3/6 the draft-03 has been sent to the editors, but not posted. It should be available very soon. If you cant wait, see http://kerberos.us ) "Encryption and Checksum Specifications for Kerberos 5" http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-crypto-03.txt Ken Raeburn - xx min Status: This draft should go forward with Clarifications. Ken has a lot of comments on the list, which need to be discussed. I think this could be ready for last call shortly after them meeting. "AES Encryption for Kerberos 5" http://www.ietf.org/internet-drafts/draft-raeburn-krb-rijndael-krb-03.txt Ken Raeburn - xx min Status: This draftshould also go forward with Clarifications. It too is close to ready for WG last call. "Kerberos Set/Change Password: Version 2 http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-set-passwd-06.txt Wyllys Ingersoll - xx min Status: Passed WG last call last year, but has stalled. Nico Williams is the new editor, and will be making additional changes in light light of Clarifications. "Extension to Kerberos V5 For Additional Initial Encryption" http://www.ietf.org/proceedings/99nov/I-D/draft-ietf-cat-kerberos-extra-tgt-02.txt Jonathan Trostle and/or Sam Hartman - 10 min Status: Expired draft, but Jonathan has updated, and sent a copy to at least myself in December. There may be interest in reviving this. (I am listing the following drafts. They can discuss them if needed.) "Public Key Cryptography for Initial Authentication in Kerberos" http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-init-16.txt (Matt Hur) - 0 min Status: May need some changes based on recent comments on WG list, It could be ready for another WG last call. "Initial and Pass Through Authentication Using Kerberos V5 and GSS-API (IAKERB)" http://www.ietf.org/internet-drafts/draft-ietf-cat-iakerb-09.txt - 0 min Status: Passed WG last call, and sent to IESG. Has stalled, Martin Rex expressed complaints to IESG. Jeff Shiller has said he would look at it. WG might want to recommend it be Experimental, as no one is implementing it as far as we know. "Extensions" See http://www.kerberos.us -> Clarifications. Coments on Extensions are at the end. - 0 min Status: Waiting for Clarifications before proceeding. "Krb5 EAP method" http: none Derek Atkins - 0 min Status: EAP is the Extensible Authentication Protocol used by PPP/RADIUS/et.al. Derek is working on a specification for how to use EAP to carry Kerberos authentication data and requests between a client station and "the network. "Passwordless Initial Authentication to Kerberos by Hardware Preauthentication" http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-hw-auth-02.txt Matt Crawford - 0 min Status: "Integrating Single-use Authentication Mechanisms with Kerberos" http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-sam-01.txt - 0 min Status: "Kerberos KDC LDAP Schema" http://www.ietf.org/internet-drafts/draft-skibbie-krb-kdc-ldap-schema-01.txt Donna Skibbie - 0 min Status: May be of interest to the WG. "Stringprep Profile for Kerberos UTF-8 Strings" http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-utf8-profile-01.txt "Public Key Cryptography for Cross-Realm Authentication in Kerberos" http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-cross-09.txt Status: The draft has expired. "Distributing Kerberos KDC and Realm Information with DNS" http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-krb-dns-locate-03.txt "Keys Extension for the Kerberos KDC LDAP Schema" http://www.ietf.org/internet-drafts/draft-skibbie-krb-kdckeys-ldap-schema-00.txt DESCRIPTION: The prime goal of the working group is to get Kerberos Clarifications to last call, as most of the other documents depend on this. The Crypto and AES are also needed to round out the suite of useable documents.