RFC 2712 (rfc2712) - Page 2 of 7
Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)
RFC 2712 Addition of Kerberos Cipher Suites to TLS October 1999
based on an open standard [2] and is the most widely deployed
symmetric key authentication system. This document proposes a new
option for negotiating Kerberos authentication within the TLS
framework. This achieves mutual authentication and the establishment
of a master secret using Kerberos credentials. The proposed changes
are minimal and, in fact, no different from adding a new public key
algorithm to the TLS framework.
3. Kerberos Authentication Option In TLS
This section describes the addition of the Kerberos authentication
option to the TLS protocol. Throughout this document, we refer to
the basic SSL handshake shown in Figure 1. For a review of the TLS
handshake see [1].
      CLIENT                                              SERVER
      ------                                              ------

      ClientHello            -------------------------------->
                                                       ServerHello
                                                      Certificate*
                                                ServerKeyExchange*
                                               CertificateRequest*
                                                   ServerHelloDone
                             <--------------------------------
      change cipher spec
      Finished               -------------------------------->
      Application Data       <------------------------------->  Application Data

   FIGURE 1: The TLS protocol.  All messages followed by a star are
   optional.  Note: This figure was taken from an IETF document [1].
The TLS security context is negotiated in the client and server hello
messages. For example: TLS_RSA_WITH_RC4_MD5 means the initial
authentication will be done using the RSA public key algorithm, RC4
will be used for the session key, and MACs will be based on the MD5
algorithm. Thus, to facilitate the Kerberos authentication option,
we must start by defining new cipher suites including (but not
limited to):
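The naming convention just described (key exchange/authentication before WITH, bulk cipher after it, MAC hash last) is mechanical enough to parse. The following example is added here and is not part of RFC 2712; it splits a suite name into those three components and then runs it against an assumed local policy table that flags the legacy algorithms a modern deployment would refuse. The sample input is the suite named on this page plus two Kerberos suite names of the same form from the RFC's own suite list (which this page does not reproduce) and one AES suite included for contrast; the policy reasons are the example's own, not the RFC's.

```python
import re
from dataclasses import dataclass
from typing import Optional

# TLS_<kx>_WITH_<cipher>_<mac>: the text before WITH names the key
# exchange / authentication method, the text after it the bulk cipher,
# and the final token the hash used for the MAC.
SUITE_RE = re.compile(
    r"^TLS_(?P<kx>[A-Z0-9_]+?)_WITH_(?P<cipher>[A-Z0-9_]+)_(?P<mac>MD5|SHA|SHA256|SHA384)$"
)


@dataclass(frozen=True)
class CipherSuite:
    name: str
    key_exchange: str  # e.g. RSA, KRB5, KRB5_EXPORT
    bulk_cipher: str   # e.g. RC4, DES_CBC, AES_128_CBC
    mac: str           # e.g. MD5, SHA


def parse_suite(name: str) -> Optional[CipherSuite]:
    """Split a suite name into its components; None if it does not fit the pattern."""
    m = SUITE_RE.match(name)
    if m is None:
        return None
    return CipherSuite(name, m["kx"], m["cipher"], m["mac"])


# Assumed local policy, not part of the RFC: components a reviewer would
# reject today, keyed by the token as it appears in the suite name.
LEGACY_COMPONENTS = {
    "RC4": "RC4 keystream biases (RFC 7465 prohibits RC4 in TLS)",
    "DES": "single DES with a 56-bit key",
    "MD5": "HMAC-MD5 is no longer an acceptable TLS MAC",
    "EXPORT": "export-grade, deliberately shortened key",
    "NULL": "no confidentiality at all",
}


def assess_suite(name: str) -> list[str]:
    """Return one finding per legacy component in the suite name (empty if clean)."""
    suite = parse_suite(name)
    if suite is None:
        return [f"unparseable suite name: {name}"]
    tokens = f"{suite.key_exchange}_{suite.bulk_cipher}_{suite.mac}".split("_")
    return [f"{tok}: {LEGACY_COMPONENTS[tok]}" for tok in tokens if tok in LEGACY_COMPONENTS]


# Constructed sample input for the demonstration.
SAMPLE_SUITES = [
    "TLS_RSA_WITH_RC4_MD5",             # the suite named on the page
    "TLS_KRB5_WITH_DES_CBC_SHA",        # Kerberos suite from RFC 2712
    "TLS_KRB5_EXPORT_WITH_RC4_40_MD5",  # export-grade Kerberos suite from RFC 2712
    "TLS_RSA_WITH_AES_128_CBC_SHA",     # later suite, included for contrast
]

if __name__ == "__main__":
    for s in SAMPLE_SUITES:
        suite = parse_suite(s)
        print(suite)
        for finding in assess_suite(s):
            print("   ", finding)
```

The non-greedy match on the key-exchange group is what keeps a name such as TLS_KRB5_EXPORT_WITH_RC4_40_MD5 parsing as key exchange KRB5_EXPORT rather than swallowing the WITH separator; the greedy cipher group then absorbs multi-token ciphers like AES_128_CBC before the MAC suffix is matched.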
Medvinsky & Hur Standards Track