Skip to main content

The Unencrypted Form of Kerberos 5 KRB-CRED Message
RFC 6448

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    krb-wg mailing list <>,
    krb-wg chair <>
Subject: Protocol Action: 'The Unencrypted Form Of Kerberos 5 KRB-CRED Message' to Proposed Standard (draft-ietf-krb-wg-clear-text-cred-03.txt)

The IESG has approved the following document:
- 'The Unencrypted Form Of Kerberos 5 KRB-CRED Message'
  (draft-ietf-krb-wg-clear-text-cred-03.txt) as a Proposed Standard

This document is the product of the Kerberos Working Group.

The IESG contact persons are Stephen Farrell and Sean Turner.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

The Kerberos 5 KRB-CRED message is used to transfer Kerberos
credentials between applications. When used with a secure transport
the unencrypted form of the KRB-CRED message may be desirable. This
document describes the unencrypted form of the KRB-CRED message.

Working Group Summary

The Kerberos Working group had consensus to publish this document as a
proposed standard.

Document Quality

The OASIS Security Services TC received a request for a mechanism to
transport a Kerberos ticket and associated credential information in
the Security Assertion Markup Language. This will be transported over
a confidentiality and integrity protected channel. The intent is for a
SAML IDP to be able to permit a SAML service to use Kerberos acting on
behalf of some subject. As such, the service may have no existing
Kerberos keying material but will have SAML keying material. As an
implementation accident, at least three Kerberos implementations
already had a facility for transporting Kerberos credentials without a
key. Previously this was thought to be an unneeded facility that at
best was yet another corner case to test. This document standardizes
that already widely implemented facility because it happened to meet
the needs of the WG in this area. 


Sam Hartman is the document shepherd.
Stephen Farrell is the responsible AD.

RFC Editor Note