The IESG has received a request from the Kerberos WG (krb-wg) to consider the following document: - 'Kerberos Principal Name Canonicalization and KDC-Generated Cross-Realm Referrals' <draft-ietf-krb-wg-kerberos-referrals-14.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the i...@ietf.org mailing lists by 2012-09-26. Exceptionally, comments may be sent to i...@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The memo documents a method for a Kerberos Key Distribution Center (KDC) to respond to client requests for Kerberos tickets when the client does not have detailed configuration information on the realms of users or services. The KDC will handle requests for principals in other realms by returning either a referral error or a cross-realm TGT to another realm on the referral path. The clients will use this referral information to reach the realm of the target principal and then receive the ticket. This memo also provides a mechanism for verifying that a request has not been tampered with in transit. This memo updates RFC 4120. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-krb-wg-kerberos-referrals/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-krb-wg-kerberos-referrals/ballot/ No IPR declarations have been submitted directly on this I-D.
