5.1.2 Credential/Identity Protection

When the Authenticated Internet Protocol performs an authentication, it might be necessary for one party to reveal information about its identity to the other party in order to perform the authentication. The type of information that is leaked depends on the authentication method that is used, as described below. Therefore, the choice of supported authentication methods affects the privacy of the authenticating parties.

Kerberos authentication

In a Kerberos authentication exchange, the initiator never has to leak its identity and only members of the trusted domain are able to access the ticket that is sent, assuming the integrity of the Kerberos protocol. The Kerberos responder needs to provide information to the initiator about its identity so that the Kerberos token can be validated; to do this, the responder puts its security principal name in the Principal Name field of the GSS_ID payload.

Certificates

As part of a TLS exchange, the responder might pass a list of trusted roots in the clear so that the initiator can select a certificate that is trusted by the responder.