rfc-4120
The Kerberos Network Authentication Service (V5)
This document provides an overview and specification of Version 5 of the Kerberos protocol, and it obsoletes RFC 1510 to clarify aspects of the protocol and its intended use that require more detailed or clearer explanation than was provided in RFC 1510. This document is intended to provide a detailed description of the protocol, suitable for implementation, together with descriptions of the appropriate use of protocol messages and fields within those messages. [STANDARDS-TRACK]
obsoletes
- rfc-1510 — The Kerberos Network Authentication Service (V5)
updated by
- rfc-4537 — Kerberos Cryptosystem Negotiation Extension
- rfc-5021 — Extended Kerberos Version 5 Key Distribution Center (KDC) Exchanges over TCP
- rfc-5896 — Generic Security Service Application Program Interface (GSS-API): Delegate if Approved by Policy
- rfc-6111 — Additional Kerberos Naming Constraints
- rfc-6112 — Anonymity Support for Kerberos
- rfc-6113 — A Generalized Framework for Kerberos Pre-Authentication
- rfc-6649 — Deprecate DES, RC4-HMAC-EXP, and Other Weak Cryptographic Algorithms in Kerberos
- rfc-6806 — Kerberos Principal Name Canonicalization and Cross-Realm Referrals
- rfc-7751 — Kerberos Authorization Data Container Authenticated by Multiple Message Authentication Codes (MACs)
- rfc-8062 — Anonymity Support for Kerberos
- rfc-8129 — Authentication Indicator in Kerberos Tickets
- rfc-8429 — Deprecate Triple-DES (3DES) and RC4 in Kerberos
- rfc-8553 — DNS Attrleaf Changes: Fixing Specifications That Use Underscored Node Names