Protocol Action: 'The Unencrypted Form Of Kerberos 5 KRB-CRED Message' to Proposed Standard (draft-ietf-krb-wg-clear-text-cred-03.txt)
The IESG <iesg-secretary@ietf.org> Mon, 26 September 2011 14:30 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18E7521F8D8A for <ietf-announce@ietfa.amsl.com>; Mon, 26 Sep 2011 07:30:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.508
X-Spam-Level:
X-Spam-Status: No, score=-102.508 tagged_above=-999 required=5 tests=[AWL=0.091, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i3PIewezwN5u; Mon, 26 Sep 2011 07:30:51 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B99521F8D8C; Mon, 26 Sep 2011 07:30:51 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'The Unencrypted Form Of Kerberos 5 KRB-CRED Message' to Proposed Standard (draft-ietf-krb-wg-clear-text-cred-03.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 3.60
Message-ID: <20110926143051.3804.85364.idtracker@ietfa.amsl.com>
Date: Mon, 26 Sep 2011 07:30:51 -0700
Cc: krb-wg mailing list <ietf-krb-wg@lists.anl.gov>, krb-wg chair <krb-wg-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Sep 2011 14:30:52 -0000
The IESG has approved the following document: - 'The Unencrypted Form Of Kerberos 5 KRB-CRED Message' (draft-ietf-krb-wg-clear-text-cred-03.txt) as a Proposed Standard This document is the product of the Kerberos Working Group. The IESG contact persons are Stephen Farrell and Sean Turner. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-krb-wg-clear-text-cred/ Technical Summary The Kerberos 5 KRB-CRED message is used to transfer Kerberos credentials between applications. When used with a secure transport the unencrypted form of the KRB-CRED message may be desirable. This document describes the unencrypted form of the KRB-CRED message. Working Group Summary The Kerberos Working group had consensus to publish this document as a proposed standard. Document Quality The OASIS Security Services TC received a request for a mechanism to transport a Kerberos ticket and associated credential information in the Security Assertion Markup Language. This will be transported over a confidentiality and integrity protected channel. The intent is for a SAML IDP to be able to permit a SAML service to use Kerberos acting on behalf of some subject. As such, the service may have no existing Kerberos keying material but will have SAML keying material. As an implementation accident, at least three Kerberos implementations already had a facility for transporting Kerberos credentials without a key. Previously this was thought to be an unneeded facility that at best was yet another corner case to test. This document standardizes that already widely implemented facility because it happened to meet the needs of the WG in this area. Personnel Sam Hartman is the document shepherd. Stephen Farrell is the responsible AD.