[rfc-dist] RFC 4819 on Secure Shell Public Key Subsystem

rfc-editor@rfc-editor.org rfc-editor at rfc-editor.org
Mon Mar 12 16:55:14 PDT 2007

A new Request for Comments is now available in online RFC libraries.

        RFC 4819

        Title:      Secure Shell Public Key Subsystem 
        Author:     J. Galbraith, J. Van Dyke,
                    J. Bright
        Status:     Standards Track
        Date:       March 2007
        Mailbox:    galb at vandyke.com, 
                    jpv at vandyke.com, 
                    jon at siliconcircus.com
        Pages:      17
        Characters: 32794
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-secsh-publickey-subsystem-08.txt

        URL:        http://www.rfc-editor.org/rfc/rfc4819.txt

Secure Shell defines a user authentication mechanism that is based on
public keys, but does not define any mechanism for key distribution.
No common key management solution exists in current implementations.
This document describes a protocol that can be used to configure
public keys in an implementation-independent fashion, allowing client
software to take on the burden of this configuration.

The Public Key Subsystem provides a server-independent mechanism for
clients to add public keys, remove public keys, and list the current
public keys known by the server.  Rights to manage public keys are
specific and limited to the authenticated user.

A public key may also be associated with various restrictions,
including a mandatory command or subsystem.  [STANDARDS TRACK]

This document is a product of the Secure Shell
Working Group of the IETF.

This is now a Proposed Standard Protocol.

STANDARDS TRACK: This document specifies an Internet standards track
protocol for the Internet community,and requests discussion and 
suggestions for improvements.Please refer to the current edition of the 
Internet Official Protocol Standards (STD 1) for the standardization 
state and status of this protocol.  Distribution of this memo is 

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST at IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info at RFC-EDITOR.ORG with the message body 

help: ways_to_get_rfcs. For example:

        To: rfc-info at RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager at RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR at RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.

The RFC Editor Team
USC/Information Sciences Institute


More information about the rfc-dist mailing list