Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension
RFC 8070

Received changes through RFC Editor sync (created alias RFC 8070, changed abstract to 'This document describes how to further extend the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) extension (defined in RFC 4556) to exchange an opaque data blob that a Key Distribution Center (KDC) can validate to ensure that the client is currently in possession of the private key during a PKINIT Authentication Service (AS) exchange.', changed pages to 9, changed standardization level to Proposed Standard, changed state to RFC, added RFC published event at 2017-02-16, changed IESG state to RFC Published)