{
  "draft": "draft-ietf-kitten-pkinit-freshness-07",
  "doc_id": "RFC8070",
  "title": "Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension",
  "authors": [
    "M. Short, Ed.",
    "S. Moore",
    "P. Miller"
  ],
  "format": [
    "TEXT",
    "HTML"
  ],
  "page_count": "9",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "Common Authentication Technology Next Generation",
  "abstract": "This document describes how to further extend the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) extension (defined in RFC 4556) to exchange an opaque data blob that a Key Distribution Center (KDC) can validate to ensure that the client is currently in possession of the private key during a PKINIT Authentication Service (AS) exchange.",
  "pub_date": "February 2017",
  "keywords": [],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC8070",
  "errata_url": null
}