RFC 4121 & acceptor subkey use in MIC token generation

Ken Hornstein kenh at cmf.nrl.navy.mil
Thu Oct 26 19:17:07 EDT 2023


>On Thu, Oct 26, 2023 at 05:57:37PM -0400, Ken Hornstein via Kerberos wrote:
>> You know that.  I know that.  But remember: "if you're explaining,
>> you're losing".  When asked I can honestly say, "Kerberos is not
>> a PKI" and that's good enough, but I can't say with a straight
>> face, "This X.509 CA over here is not a PKI".
>
>Have you considered the private sector?

Ha!  My memory is the private sector is not perfect by any means and
has a DIFFERENT set of foibles.

>More seriously, there must be an office that could evaluate the use of
>online CAs that issue short-lived certificates using issuer keys stored
>in HSMs (or software keys when the sub-CA has a very narrow
>applicability, meaning very few systems will trust it).  Such CAs would
>be very useful, I'm sure, especially if you could dispense with
>revocation checking at the relying party because a) the certificate will
>be as short-lived as a Kerberos ticket, b) the online issuer will have
>checked revocation for the longer-lived credential used to authenticate
>to it.

I am sure there is some kind of process, but it would probably be some
kind of trial program or research project that we could officially get
approved.  The main issue I see there is getting funding for such a
project because that's not a small amount of work (I know the code is
written; it's writing the proposals in a way so that everyone involved
could understand what I am doing, why it would be useful, the security
implications, sitting around in meetings with the various people to move
the proposal up the chain, all of that grunt work) and like everyone
else here my plate is full so I'm not sure where that fits into the
schedule.

--Ken
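The quoted paragraph above describes an online CA that issues certificates as short-lived as a Kerberos ticket, so that the relying party can dispense with revocation checking. The Go program below is an added illustration of that design, not code from this thread or from MIT Kerberos: it stands in for the online issuer with an in-memory self-signed CA (a real deployment would keep that key in an HSM, as the quoted text says), issues a client-auth certificate with a chosen lifetime, and shows the relying-party side enforcing a constructed policy, `MaxLeafLifetime` (an assumed value of 10 hours), before doing ordinary chain and validity-period checks and no CRL/OCSP lookup. All names, subjects and durations are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// MaxLeafLifetime is a constructed relying-party policy: because revocation
// is never checked, only certificates whose validity window is at most this
// long are accepted. 10h is an assumed value comparable to a ticket lifetime.
const MaxLeafLifetime = 10 * time.Hour

// newIssuer creates a self-signed CA that stands in for the online sub-CA.
// The key is an in-memory P-256 key purely for illustration.
func newIssuer(name string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	now := time.Now()
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now.Add(-time.Minute),
		NotAfter:              now.Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueLeaf is the online issuer's job: after authenticating the requester
// (and checking revocation of that longer-lived credential, which is out of
// scope here), it signs a client-auth certificate valid for `lifetime`.
func issueLeaf(ca *x509.Certificate, caKey *ecdsa.PrivateKey, subject string, lifetime time.Duration) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	if err != nil {
		return nil, err
	}
	now := time.Now()
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: subject},
		NotBefore:    now,
		NotAfter:     now.Add(lifetime),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// acceptWithoutRevocation is the relying-party check. It consults no CRL or
// OCSP responder, so it must refuse any certificate whose lifetime exceeds
// MaxLeafLifetime, and then performs normal chain and time validation as of `at`.
func acceptWithoutRevocation(leaf, ca *x509.Certificate, at time.Time) error {
	if lifetime := leaf.NotAfter.Sub(leaf.NotBefore); lifetime > MaxLeafLifetime {
		return fmt.Errorf("certificate lifetime %v exceeds policy maximum %v", lifetime, MaxLeafLifetime)
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:       roots,
		CurrentTime: at,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err
}

func main() {
	ca, caKey, err := newIssuer("Example Online Sub-CA (constructed)")
	if err != nil {
		panic(err)
	}
	short, _ := issueLeaf(ca, caKey, "alice@EXAMPLE.ORG", MaxLeafLifetime)
	long, _ := issueLeaf(ca, caKey, "bob@EXAMPLE.ORG", 90*24*time.Hour)
	now := time.Now()
	fmt.Println("short-lived, now:      ", acceptWithoutRevocation(short, ca, now.Add(time.Minute)))
	fmt.Println("short-lived, 11h later:", acceptWithoutRevocation(short, ca, now.Add(11*time.Hour)))
	fmt.Println("90-day cert:           ", acceptWithoutRevocation(long, ca, now.Add(time.Minute)))
}
```

The lifetime check comes before `Verify` on purpose: a relying party that skips revocation is only safe if every certificate it will ever accept expires on its own within the window the policy tolerates, so a long-lived certificate from the same issuer is rejected outright rather than merely validated.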
