RFC 4559 on SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A new Request for Comments is now available in online RFC libraries.

        
        RFC 4559

        Title:      SPNEGO-based Kerberos and NTLM HTTP 
                    Authentication in Microsoft Windows 
        Author:     K. Jaganathan, L. Zhu,
                    J. Brezak
        Status:     Informational
        Date:       June 2006
        Mailbox:    karthikj@microsoft.com, 
                    lzhu@microsoft.com, 
                    jbrezak@microsoft.com
        Pages:      8
        Characters: 16088
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-jaganathan-kerberos-http-01.txt

        URL:        http://www.rfc-editor.org/rfc/rfc4559.txt

This document describes how the Microsoft Internet Explorer (MSIE)
and Internet Information Services (IIS) incorporated in Microsoft
Windows 2000 use Kerberos for security enhancements of web
transactions.  The Hypertext Transport Protocol (HTTP) auth-scheme of
"negotiate" is defined here; when the negotiation results in the
selection of Kerberos, the security services of authentication and,
optionally, impersonation (the IIS server assumes the windows identity
of the principal that has been authenticated) are performed.  This
document explains how HTTP authentication utilizes the Simple and
Protected GSS-API Negotiation mechanism.  Details of Simple And
Protected Negotiate (SPNEGO) implementation are not provided in this document.  This memo provides information for the Internet community.


INFORMATIONAL: This memo provides information for the Internet community. 
It does not specify an Internet standard of any kind. Distribution
of this memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST@IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should
be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG.

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body 

help: ways_to_get_rfcs. For example:

        To: rfc-info@RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR@RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.


Joyce K. Reynolds and Sandy Ginoza
USC/Information Sciences Institute

...



_______________________________________________

IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux