UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8070

Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 February 2017
Status: active
Page Count: 9
scope:

This document describes how to further extend the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) extension (defined in RFC 4556) to exchange an opaque data blob that a Key Distribution Center (KDC) can validate to ensure that the client is currently in possession of the private key during a PKINIT Authentication Service (AS) exchange.

Document History

IETF RFC 8070
February 1, 2017
Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension
This document describes how to further extend the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) extension (defined in RFC 4556) to exchange an opaque data blob that a Key...

References

This document references:
IETF RFC 6113 - A Generalized Framework for Kerberos Pre-Authentication
Published by IETF on April 1, 2011
Kerberos is a protocol for verifying the identity of principals (e.g., a workstation user or a network server) on an open network. The Kerberos protocol provides a facility called pre-authentication....
This document is referenced by:
IETF RFC 8636 - Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Algorithm Agility
Published by IETF on July 1, 2019
Abstract This document updates the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) standard (RFC 4556) to remove protocol structures tied to specific cryptographic algorithms....
Advertisement