W3C home > Mailing lists > Public > ietf-tls@w3.org > January to March 1997

addition of Kerberos ciphersuites in TLS

From: Matt Hur <matt.hur@CyberSafe.COM>
Date: Mon, 03 Mar 1997 19:02:12 -0800
Message-Id: <>
To: treese@OpenMarket.com, ietf-tls@w3.org
A draft for the addition of Kerberos ciphersuites was presented at the last
TLS working group meeting (draft-ietf-tls-kerb-cipher-suites-00.txt
reference implementation is available at ftp://nii.isi.edu/pub/ssl-krb).
We would like to place this draft on the agenda for the working group
meeting in Memphis, and move that it be added to the body of the TLS draft.

To date, authentication in TLS is limited only to public key solutions.  As
a result, TLS does not fully support organizations with heterogeneous
security deployments that include authentication systems based on symmetric
Kerberos, originally developed at MIT, is based on an open standard and is
the most widely deployed symmetric key authentication system.  The draft
presented at the Dec. meeting of the IETF proposes a new option for
negotiating Kerberos authentication within the TLS framework.  This
achieves mutual authentication and the establishment of a master secret
using Kerberos credentials.  The proposed changes are minimal and, in fact,
no different from adding a new public key algorithm to the TLS framework.

Matt Hur and Ari Medvinsky

Matt Hur                       CyberSafe
matt.hur@cybersafe.com         1605 NW Sammamish Road, Suite 310
(206) 391-6000                 Issaquah, WA 98027-5378
Received on Monday, 3 March 1997 21:59:51 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:17:12 UTC