(February 3, 1998) The following drafts have just been submitted to the I-D directories. They represent a proposed way of doing telnet encryption. There are a number of interoperating implementations that have been based on these specifications, but for a number of reasons, including lack of time of interested parties, the original drafts never got formalized as Internet Standards.
Well, I believe it's time to fix this. The first step in this process is to issue new Internet Drafts, and that has been done. The next step will be to see whether we need to start up a working group, or whether they can be approved directly by the IESG after a four-week IETF-wide last call.
The following are the telnet encryption drafts:
draft-tso-telnet-auth-enc-00.txt In order to perform telnet encryption, it is necessary to link it with the authentication step to avoid attackers spoofing the negotiation of whether or not encryption is desired. This document, when standardized, would obsolete RFC 1416.
draft-tso-telnet-encryption-00.txt The telnet encryption option specification.
draft-tso-telnet-enc-des-cfb-00.txt This specifies how to do DES encryption using CFB mode.
draft-tso-telnet-enc-des-ofb-00.txt This specifies how to do DES encryption using OFB. It's not clear whether we really want to standardize this at this point, or whether we should just let this mode die on the vine. The days when we had to worry about 68000-based Macintoshes (and I mean 68000, not 68020 or 68030-based machines) being too slow to do DES are long past...
draft-tso-telnet-auth-krb5-00.txt This is a specification of how to do telnet authentication and encryption using Kerberos V5. Note that this specification specifies how to integrity protect the results of the authentication negotiation step specified in draft-tso-telnet-auth-enc-00.txt.
If you have any comments, please send them to tytso@mit.edu.