
Krb-wg met Tuesday afternoon. 

Chair: Jeffrey Hutzelman and Larry Zhu
Scribe: Shawn Emery
AD: Tim Polk

We reviewed the changes in our current Internet Drafts.  We discussed issues raised in 
list discussions and consensus calls. There are two outstanding issues for 
draft-josefsson-kerberos5-starttls, namely KDC-certificate validation and channel bindings.  
It is noted that current starttls implementations can only handle pre-shared certificates. 
We decided that starttls should require certificate validation using pre-shared certificates. 
we did not come to a conclusion on certificate valildation, which is a discussion still 
ongoing on the krb-wg mailing list, but which the chairs hope will be resolved soon. We 
did not come to a conclusion on the question of whether to adopt the krb5starttls-bootstrap 
document or on the separation of features between core starttls and -bootstrap.  However, 
we did collect some input which we hope will help us to make a useful proposal for moving 
forward. The intended status of the starttls document was also not decided and it was only 
discussed briefly in the jabber room.

We then discussed an issue involving the RFC3961 PRF for AES. We found that all current 
implementations truncate the input by the minimium number of bytes to multiple of AES 
cipher block size 16 bytes while the specification in RFC3961 does not truncate. We 
decided to adopt the PRF with truncation as the official PRF but we are to find out 
what is the right process to do this and we will involve the document author Ken and 
security AD Tim Polk. The decision is to be verified on the list.


After the PRF discussion, we turned our attention to two issues in the preauth document. 
Sam made the presentation. One is how to detect thus prevent the FAST padata from being 
stripped by active attackers. An AD element will be used to indicate FAST padata is used 
to mitigate the threat. Another issue is that TLS-finished style checksum adds some 
complexity to implementers but no significant benefits. We will remove the finished 
checksum in the next revision.

We also have the following additional action items and decisions:

1) Updates to the data model document have been made based on WGLC comments. We will 
start another WGLC. Follow up: jhutz and Leif.

2) Anonymity document has one new open issue regard to exported names. Larry Zhu is 
going to propose a solution and go through the list. We have good and healthy discussions. 
Followup: Larry

3) Love proposed an alternative proposal to use the server nonce to allow both the client 
and the KDC contribute the ticket Session key. Larry Zhu and/love will write up the idea 
and propose it to the list. Followup: Larry and Love.

4) IAKERB WGLC is concluded. One comment is to be addressed by adding appropriate text 
to the security considerations section. Followup: Larry to update, and Jhutz to forward 
it to IESG

5) Ticket extensions adopted as work group item. Followup: jhutz

6) DHCP options to be added to allow KDC discovery, adopted as working group item, and 
to update the krb-wg charter. Followup: jhutz

7) The preauth ID to be updated and start WGLC. Followup: Sam Hartman to publish -11 
based on the group decisions, 3 designated volunteer reviewers to complete review in 
the next weeks timeframe: Cliff Newman, Love, and Nicolas Williams