The Kerberos WG (krb-wg) meeting at the 55th IETF, 11/19/02

[13:00] Doug Engert opened the meeting with a review of the agenda. There were about 60 people attending. Larry Greenfield volunteered to take notes.

[13:10] Cliff Neuman, Kerberos Clarifications
draft-ietf-krb-wg-kerberos-clarifications-02.txt

Today is the last day of the WG last call for Kerberos clarifications, draft-ietf-krb-wg-kerberos-clarifications-02.txt. There were many comments; http://www.kerberos.isi.edu/people/bcn/krb-revisions/ has the latest issues and the editor's classification of them. Sam Hartman brings up concerns about authorization data SHOULDs versus MUSTs. There is consensus that "all authorization data" MUST be rejected if not understood, and that encapsulating elements must be implemented. It is decided that there has to be another WG last call once a new draft reflecting the issues has been issued.

[13:18] Ken Raeburn, Encryption and Checksum Specifications for Kerberos 5
draft-ietf-krb-wg-crypto-02.txt
draft-raeburn-krb-rijndael-krb-02.txt

Ken and others believe that the clarifications, encryption, and AES documents will all have to move simultaneously. There needs to be another encryption draft because of DES specification problems. The latest version of the AES document dropped Twofish and 192-bit AES. One open issue is whether there needs to be a new function in the crypto profile for generating random data to feed into the algorithms for combining keys.

[13:25] Matt Hur, PKINIT
draft-ietf-cat-kerberos-pk-init-16.txt

There have been very few changes in the past few revisions. The goal is to last call this document shortly after clarifications. Tom Yu brings up that the RFC 2253 transformation from certificate to principal isn't unique. Kurt Zeilenga, Tom Yu, Leif Johansson, Bob Morgan, Larry Greenfield, and Jeff Altman participate in a discussion. General consensus is that the certificate-to-principal mapping is a site policy issue, but some guidance might be helpful.
There was some confusion when PKTAPP was brought up, since then services (and not just KDCs) will be making the mapping. Agreement to discuss the mapping problem on the list; there will be another version of the draft.

[13:46] Sam Hartman, Kerberos set/change password
draft-ietf-cat-kerberos-set-passwd-06.txt

Issue #1: This specification implicitly changes the Kerberos protocol by making restrictions on what addresses are passed to krb_mk_priv().

Issue #2: The draft currently specifies UTF-8; it would be nice to have something that works now and continues to work after extensions make Kerberos Unicode friendly. This brings up non-Unicode characters, stringprep, and where to normalize. Sam recommends sending unnormalized UTF-8 to the server, with a recommendation to confine to US-ASCII if you want to interoperate now.

Issue #3: Sam would like to force some principals to only have random keys. There's a concern from the crowd that the KDC is currently a free source of entropy.

Leif thinks that a fix to this draft may help sync the LDAP change-password extended operation with set/change password. There were also discussions about aligning Kerberos password policy with the LDAP password policy schema as part of the schema work.

The chair sees consensus that set/change password should be withdrawn from the IESG, fixed, and resubmitted.

[14:00] End of first session, 15 minute break.

[14:15] Cliff Neuman, Kerberos Extensions

Cliff summarizes where extensions came from and what the goals are. Jeff Altman contributes that the i18n extensions mostly revolve around normalization. Many of the things listed for extensions (client canonicalization, updating MUSTs versus SHOULDs) have actually been done or partially done in clarifications. Tom Yu brings up the edata outstanding issues, including authenticated cleartext and typed data inside of edata. Sam Hartman relays that the previous consensus in February was that typed data wasn't the general solution.
Sam also brings up problems with name space constraints that are mentioned in clarifications and should be addressed in extensions (cross-realm cache poisoning). Cliff talks about what will be enabled by extensions and emphasizes backwards compatibility. Matt Hur queries whether this will still be Kerberos v5 or whether the protocol number should change. An impassioned discussion follows in which many people say "who cares what the protocol number is".

[14:42] Glen Zorn, IAKERB
draft-ietf-cat-iakerb-08.txt

Glen talks about the current state of the draft (in the hands of the IESG) and, upon querying by the chair, says that he's not familiar with Martin Rex's objections. Glen thought Symbol might have done an implementation of IAKERB, but the crowd disagrees. Jeff Hutzelman relays some of Martin Rex's concerns, like "SPNEGO in this protocol has no value" and "under specified for a GSS mechanism" so "no two implementations will interoperate". The document editor, Jonathan Trostle, thought that he had addressed Martin's comments. The chair notes that the WG is still waiting on Jeff Schiller's comments. There is consensus that IAKERB is seriously flawed if it can't deal with multiple round trips and various preauth mechanisms. Glen Zorn dissents. The WG discusses moving the document to Experimental instead of Standards Track. The chair asks whether the WG should withdraw this document; the room is split 50-50 with no consensus. The chair notes that those in favor of withdrawal are mostly core developers, while those against withdrawal are vendors who might still find it useful.

[14:50] Derek Atkins, Krb5-EAP

Derek presents an alternative to IAKERB and believes he will have a draft out in mid-December. His approach uses EAP to tunnel "random" Kerberos messages.
[14:55] Ken Hornstein, initial authentication
draft-ietf-krb-wg-hw-auth-02.txt
draft-ietf-krb-wg-kerberos-sam-01.txt

Ken discusses protecting the initial authentication using the local host key and how it interacts with hardware preauth. One problem with kerberos-sam-01 is that it is insecure when used with RC4.

[15:00] Donna Skibbie, Kerberos LDAP schema
draft-skibbie-krb-kdc-ldap-schema-01.txt

There is general interest that this is good work; a fairly large group has indicated specific interest. Leif asks why the information model was removed from the base Kerberos spec (clarifications). Ken Raeburn replies that it was overly MIT-specific, and there's general consensus that a general information model would be a good thing. Donna asks people to contact her if they want to be added to the Kerberos-ldap-schema-list. Leif pointed out that there were also discussions about aligning Kerberos password policy with the LDAP password policy schema.

[15:08] Done, 8 minutes overtime.