Kerberos WG  (krb-wg) 

MONDAY, March 17 at 1300-1500
==============================

CHAIR: Doug Engert <deengert@anl.gov>


AGENDA:


  Introduction  
        Doug Engert - 5 min
        Agenda bashing, appointing a scribe


 
"The Kerberos Network Authentication Service (V5)"       
        http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarifications-03.txt
        Cliff Neuman - xx min
        
        Status: The Clarifications had one WG last call, and changes were requested. 
        We wouldlike to start another WG last call at the WG meeting, so if you have
        any comments please get them in, or come to the meeting. 
        (If you read nothing else, please read this document!)


        (As of 3/6 the draft-03 has been sent to the editors, but not posted. It should
        be available very soon. If you cant wait, see http://kerberos.us )


"Encryption and Checksum Specifications for Kerberos 5" 
        http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-crypto-03.txt
        Ken Raeburn - xx min 


        Status: This draft should go forward with Clarifications. Ken has a lot of 
        comments on the list, which need to be discussed. I think this could be ready for
        last call shortly after them meeting. 



"AES Encryption for Kerberos 5"
        http://www.ietf.org/internet-drafts/draft-raeburn-krb-rijndael-krb-03.txt
        Ken Raeburn - xx min


        Status: This draftshould also go forward with Clarifications. It too is close
        to ready for WG last call.
 


"Kerberos Set/Change Password: Version 2
        http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-set-passwd-06.txt  
        Wyllys Ingersoll - xx min


        Status: Passed WG last call last year, but has stalled. 
        Nico Williams is the new editor, and will be making additional changes in light
        light of Clarifications. 


"Extension to Kerberos V5 For Additional Initial Encryption"
        http://www.ietf.org/proceedings/99nov/I-D/draft-ietf-cat-kerberos-extra-tgt-02.txt


        Jonathan Trostle and/or Sam Hartman - 10 min


        Status: Expired draft, but Jonathan has updated, and sent a copy to at least myself
        in December. There may be interest in reviving this. 
        


(I am listing the following drafts. They can discuss them if needed.)


        
"Public Key Cryptography for Initial Authentication in Kerberos"
        http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-init-16.txt
        (Matt Hur) - 0 min


        Status: May need some changes based on recent comments on WG list,
        It could be ready for another WG last call.


        
"Initial and Pass Through Authentication Using Kerberos V5 and GSS-API (IAKERB)"
        http://www.ietf.org/internet-drafts/draft-ietf-cat-iakerb-09.txt
         - 0 min


        Status: Passed WG last call, and sent to IESG. Has stalled,
        Martin Rex expressed complaints to IESG. Jeff Shiller has said he would
        look at it. WG might want to recommend it be Experimental, as no one
        is implementing it as far as we know. 



"Extensions"
        See http://www.kerberos.us -> Clarifications. Coments on Extensions are at the end.
        - 0 min


        Status: Waiting for Clarifications before proceeding.



"Krb5 EAP method"
        http: none
        Derek Atkins - 0 min


        Status: EAP is the Extensible Authentication Protocol used by 
        PPP/RADIUS/et.al.  Derek is working on a specification
        for how to use EAP to carry Kerberos authentication data and requests
        between a client station and "the network.



"Passwordless Initial Authentication to Kerberos by Hardware Preauthentication"
        http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-hw-auth-02.txt
        Matt Crawford - 0  min


        Status: 



"Integrating Single-use Authentication Mechanisms with Kerberos"
        http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-sam-01.txt
        - 0 min


        Status: 



"Kerberos KDC LDAP Schema"
        http://www.ietf.org/internet-drafts/draft-skibbie-krb-kdc-ldap-schema-01.txt
        Donna Skibbie - 0 min


        Status: May be of interest to the WG. 




"Stringprep Profile for Kerberos UTF-8 Strings"
        http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-utf8-profile-01.txt



"Public Key Cryptography for Cross-Realm Authentication in Kerberos"
        http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-cross-09.txt


        Status: The draft has expired.


 
"Distributing Kerberos KDC and Realm Information with DNS"
        http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-krb-dns-locate-03.txt



"Keys Extension for the Kerberos KDC LDAP Schema"
        http://www.ietf.org/internet-drafts/draft-skibbie-krb-kdckeys-ldap-schema-00.txt




DESCRIPTION:


The prime goal of the working group is to get Kerberos Clarifications to last call,
as most of the other documents depend on this. The Crypto and AES are also needed
to round out the suite of useable documents.