Jeffrey Hutzelman <jhutz <at> cmu.edu>
2006-11-04 05:12:41 GMT
At the last IETF meeting, we had a discussion about updating our charter.
Based on that discussion, current work, and my impression of where things
are going, I've put together an initial proposal, which I've included
below. This is in no way set in stone -- it's just a starting point for
some discussion, which I hope to have in San Diego. Comments are welcome,
both here on the mailing list and during the meeting.
It should be noted that we don't actually get to define our own charter.
Working group charters are set by the IESG. However, it is likely that
the IESG will approve a charter substantially similar to what we propose;
thus, this discussion is fairly important.
Kerberos over the years has been ported to virtually every operating
system. There are at least two open source versions, with numerous
commercial versions based on these and other proprietary implementations.
Kerberos evolution has continued in recent years, with the development
of a new crypto framework, publication of a new version of the Kerberos
specification, support for initial authentication using public keys, and
numerous extensions developed in and out of the IETF.
However, wider deployment and advances in technology bring with them both
new challenges and new opportunities, particularly with regard to making
initial authentication of users to the Kerberos system both convenient
and secure. In addition, several key feature remain undefined.
The Kerberos Working Group will advance the state of the core Kerberos
specification, produce specifications for missing functionality, and
develop extensions to address new needs and technologies related to