Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension
draft-ietf-kitten-pkinit-freshness-07

Note: This ballot was opened for revision 07 and is now closed.

Alvaro Retana No Objection

(Stephen Farrell; former steering group member) Yes

Yes ()
No email
send info

(Alexey Melnikov; former steering group member) No Objection

No Objection ()
No email
send info

(Alia Atlas; former steering group member) No Objection

No Objection ()
No email
send info

(Alissa Cooper; former steering group member) No Objection

No Objection ()
No email
send info

(Ben Campbell; former steering group member) No Objection

No Objection ()
No email
send info

(Benoît Claise; former steering group member) No Objection

No Objection (2016-12-01)
No email
send info
As mentioned by Scott Bradner in his OPS-DIR review, some words about operational guidance (not implementation guidance) would be welcome: "
what kind of message could the operator give to their users to minimize the disruption when errors start popping up " would be welcome.
See https://www.ietf.org/mail-archive/web/ops-dir/current/msg02267.html.

(Deborah Brungard; former steering group member) No Objection

No Objection ()
No email
send info

(Jari Arkko; former steering group member) (was Discuss) No Objection

No Objection (2016-12-01)
No email
send info
This was a Discuss, but I changed it to a comment because we don't need both me and Kathleen holding the same issue: "I am concerned about the issue that Russ Housley raised in his Gen-ART review: bad practices in creating the freshness tokens creates a security issue. If this cannot be handled in the way that Russ initially suggested (setting a minimum number of bits) then a proper discussion of the issue and recommendations to avoid the problems need to be included in the security considerations section."

Other issues from Russ' Gen-ART review should also be addressed (editorial ones + possible max size).

(Joel Jaeggli; former steering group member) No Objection

No Objection ()
No email
send info

(Kathleen Moriarty; former steering group member) (was Discuss) No Objection

No Objection (2016-12-20)
No email
send info
Thanks for covering my prior discuss with a paragraph provided as an RFC editor note.

(Mirja Kühlewind; former steering group member) No Objection

No Objection ()
No email
send info

(Spencer Dawkins; former steering group member) No Objection

No Objection ()
No email
send info

(Suresh Krishnan; former steering group member) No Objection

No Objection ()
No email
send info

(Terry Manderson; former steering group member) No Objection

No Objection ()
No email
send info