@techreport{weber-krb-wg-kerberos-pfs-00,
    number =    {draft-weber-krb-wg-kerberos-pfs-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-weber-krb-wg-kerberos-pfs/00/},
    author =    {Joel N. Weber},
    title =     {{Kerberos Perfect Forward Secrecy}},
    pagetotal = 8,
    year =      2003,
    month =     jul,
    day =       28,
    abstract =  {This document defines the use of a Diffie-Hellman exchange in Kerberos, both with AP-REQ/AP-REP (in order to protect against passive eavesdropping of a session by the realm administrator), and as a preauthentication method (in order to prevent a passive eavesdropper from capturing ciphertext with which an offline dictionary attack can be mounted).},
}