Public Key Cryptography for Initial Authentication in Kerberos (PKINIT), June 2006
- Canonical URL:
- File formats:
- PROPOSED STANDARD
- Updated by:
- RFC 6112, RFC 8062, RFC 8636
- L. Zhu
- krb-wg (sec)
Discuss this RFC: Send questions or comments to email@example.com
This document describes protocol extensions (hereafter called PKINIT) to the Kerberos protocol specification. These extensions provide a method for integrating public key cryptography into the initial authentication exchange, by using asymmetric-key signature and/or encryption algorithms in pre-authentication data fields. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.