RFC 4768 on Desired Enhancements to Generic Security Services Application Program Interface (GSS-API) Version 3 Naming

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A new Request for Comments is now available in online RFC libraries.

        
        RFC 4768

        Title:      Desired Enhancements to Generic Security 
                    Services Application Program Interface (GSS-API) 
                    Version 3 Naming 
        Author:     S. Hartman
        Status:     Informational
        Date:       December 2006
        Mailbox:    hartmans-ietf@mit.edu
        Pages:      12
        Characters: 27205
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-kitten-gss-naming-05.txt

        URL:        http://www.rfc-editor.org/rfc/rfc4768.txt

The Generic Security Services API (GSS-API) provides a naming
architecture that supports name-based authorization.  GSS-API
authenticates two named parties to each other.  Names can be stored
on access control lists (ACLs) to make authorization decisions.  Advances 
in security mechanisms and the way implementers wish to use GSS-API
require this model to be extended for the next version of GSS-API.
As people move within an organization or change their names, the name
authenticated by GSS-API may change.  Using some sort of constant
identifier would make ACLs more stable.  Some
mechanisms, such as public-key mechanisms, do not have a single name
to be used across all environments.  Other mechanisms, such as
Kerberos, may include group membership or role information as part of
authentication.  This document motivates extensions to GSS-API naming
and describes the extensions under discussion.   This memo provides 
information for the Internet community.

This document is a product of the Kitten (GSS-API Next Generation)
Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community. 
It does not specify an Internet standard of any kind. Distribution
of this memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST@IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should
be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG.

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body 

help: ways_to_get_rfcs. For example:

        To: rfc-info@RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

Submissions for Requests for Comments should be sent to
RFC-EDITOR@RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.


The RFC Editor Team
USC/Information Sciences Institute

...



_______________________________________________

IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux