A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Extensions to Secure Shell Public Key Subsystem
Author(s) : Mark Joseph
Jim Susoy
Filename : draft-joseph-pkix-sshextension-00.txt
Pages : 8
Date : 2013-05-16
Abstract:
The Secure Shell Public Key Subsystem protocol defines a key distribution
protocol to provision an SSH server with user's public keys. However,
that protocol is limited to provisioning an SSH server. This document
describes extensions to this protocol to allow the provisioning of keys
and certificates to a server using the SSH transport.
The defined protocol extensions allow the calling client to organize
keys and certificates in different namespaces on a server. These
namespaces can be used by the server to allow a client to configure
any application running on the server (e.g., SSH, KMIP, SNMP).
The defined extensions provide a server-independent mechanism for clients
to add public keys, remove public keys, add certificates, remove
certificates, and list the current set of keys and certificates known by
the server by namespace (e.g., list all public keys in the SSH
namespace).
Rights to manage keys and certificates in a specific namespace are
specific and limited to the authorized user and are defined as part of
the server's implementation. The described protocol is backward
compatible to version 2 defined by RFC 4819.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-joseph-pkix-sshextension
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-joseph-pkix-sshextension-00
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
