Browse Prior Art Database

The Kerberos Network Authentication Service (V5) (RFC1510)

IP.com Disclosure Number: IPCOM000002340D
Original Publication Date: 1993-Sep-01
Included in the Prior Art Database: 2000-Sep-12

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Kohl: AUTHOR [+2]

Abstract

This document gives an overview and specification of Version 5 of the protocol for the Kerberos network authentication system. Version 4, described elsewhere [1,2], is presently in production use at MIT's Project Athena, and at other Internet sites.

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 1% of the total text.

Network Working Group J. Kohl

Request for Comments: 1510 Digital Equipment Corporation

C. Neuman

ISI

September 1993

The Kerberos Network Authentication Service (V5)

Status of this Memo

This RFC specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" for the standardization state and status

of this protocol. Distribution of this memo is unlimited.

Abstract

This document gives an overview and specification of Version 5 of the

protocol for the Kerberos network authentication system. Version 4,

described elsewhere [1,2], is presently in production use at MIT's

Project Athena, and at other Internet sites.

Overview

Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos,

Moira, and Zephyr are trademarks of the Massachusetts Institute of

Technology (MIT). No commercial use of these trademarks may be made

without prior written permission of MIT.

This RFC describes the concepts and model upon which the Kerberos

network authentication system is based. It also specifies Version 5

of the Kerberos protocol.

The motivations, goals, assumptions, and rationale behind most design

decisions are treated cursorily; for Version 4 they are fully

described in the Kerberos portion of the Athena Technical Plan [1].

The protocols are under review, and are not being submitted for

consideration as an Internet standard at this time. Comments are

encouraged. Requests for addition to an electronic mailing list for

discussion of Kerberos, kerberos@MIT.EDU, may be addressed to

kerberos-request@MIT.EDU. This mailing list is gatewayed onto the

Usenet as the group comp.protocols.kerberos. Requests for further

information, including documents and code availability, may be sent

to info-kerberos@MIT.EDU.

Background

The Kerberos model is based in part on Needham and Schroeder's

trusted third-party authentication protocol [3] and on modifications

suggested by Denning and Sacco [4]. The original design and

implementation of Kerberos Versions 1 through 4 was the work of two

former Project Athena staff members, Steve Miller of Digital

Equipment Corporation and Clifford Neuman (now at the Information

Sciences Institute of the University of Southern California), along

<...