Update on Kerberos Extensibility - - PowerPoint PPT Presentation

update on kerberos extensibility
SMART_READER_LITE
LIVE PREVIEW

Update on Kerberos Extensibility - - PowerPoint PPT Presentation

Feb 02, 2023 318 likes •407 views

Update on Kerberos Extensibility draft-yu-krb-wg-kerberos-extensions-02.txt Tom Yu IETF 61 Kerberos Extensibility Document Status Notational Conventions Future Plans 1 Document Status Updates from -00 Update I-D boilerplate

slide-1
SLIDE 1

Update on Kerberos Extensibility

draft-yu-krb-wg-kerberos-extensions-02.txt

Tom Yu IETF 61

slide-2
SLIDE 2

Kerberos Extensibility

  • Document Status
  • Notational Conventions
  • Future Plans

1

slide-3
SLIDE 3

Document Status

Updates from -00

  • Update I-D boilerplate
  • Drop information object notation (for now)
  • More text explaining ASN.1 usage
  • More KDC-REQ description
  • Tighten constraints on IA5 vs UTF8 strings

2

slide-4
SLIDE 4

Document Status (cont’d)

Updates from -01

  • More complete
  • Text on extensibility/criticality (from Sam)
  • Typed holes can use RELATIVE-OID or integers
  • Language tags
  • Rough IANA considerations

3

slide-5
SLIDE 5

Notational Conventions

  • Which convention for ASN.1 identifiers in text?
  • ASN.1 has lexically significant case
  • Possible confusion if identifiers not set off from text

4

slide-6
SLIDE 6

Notational Conventions (cont’d)

  • RFC 1510 and Clarifications use C-styled ALL_CAPS
  • C-styled:

#define KDC_ERR_PREAUTH_FAILED 24

  • ASN.1-styled:

kdc-err-preauth-failed ErrCode ::= 24

  • ALL_CAPS vs "quoted"?

5

slide-7
SLIDE 7

Future Plans

  • What should the module look like?
  • Which IANA assignment policies?
  • Incorporate preauth framework?
  • Different document name?

6