| RFC Number |
Status |
Description |
| RFC 2412 |
 |
The OAKLEY Key Determination Protocol PKINIT's 1024-bit MODP well-known group 2 |
| RFC 3526 |
|
More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE) PKINIT's 2048-bit MODP well-known group 14 and 4096-bit MODP well-known group 16 |
| RFC 3852 |
|
Cryptographic Message Syntax (CMS) PKINIT's CMS support |
| RFC 3961 |
 |
Encryption and Checksum Specifications for Kerberos 5 |
| RFC 3962 |
|
AES Encryption for Kerberos 5 |
| RFC 4120 |
 |
The Kerberos Network Authentication Service (V5) obsoletes RFC 1510, updated by RFC 4537 |
| RFC 4121 |
|
The Kerberos Version 5 Generic Security Service Application Program Interface (GSS-API) Mechanism: Version 2 updates RFC 1964, support standard in JDK |
| RFC 4430 |
 |
Kerberized Internet Negotiation of Keys (KINK) |
| RFC 4537 |
|
Kerberos Cryptosystem Negotiation Extension updates RFC 4120 |
| RFC 4556 |
|
Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) |
| RFC 4557 |
|
Online Certificate Status Protocol (OCSP) Support for Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) |
| RFC 4757 |
|
The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows |
| |
|
Generating KDC Referrals to Locate Kerberos Realms |
| |
|
Kerberos Set/Change Key/Password Protocol Version 2 |
| |
|
A Generalized Framework for Kerberos Pre-Authentication |
| |
|
The Kerberos Network Authentication Service (Version 5) |
| |
|
ECC Support for PKINIT |
| |
|
Extended Kerberos Version 5 Key Distribution Center (KDC) Exchanges Over TCP |
| |
|
Anonymity Support for Kerberos |
| |
|
Additional Kerberos Naming Constraints |
| |
|
PK-INIT Cryptographic Algorithm Agility |
| |
|
Kerberos Version 5 GSS-API Channel Binding Hash Agility |
| |
|
Utilizing the Windows 2000 Authorization Data in Kerberos Tickets for Access Control to Resources |
| |
|
Kerberos version 5 schema for LDAP Directories |
