A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : TLS Extension for Optimizing Application Protocols, Specifically SASL with GSS-API mechanisms
Author(s) : N. Williams
Filename : draft-williams-tls-app-sasl-opt-04.txt
Pages : 27
Date : 2010-07-26
This document specifies Hello extensions to Transport Layer Security
(TLS). One extension is used for carrying application data which is
suitable for delayed integrity protection and does not require
privacy protection. Another extension is used to negotiate an early
start to the application data protocol in the case of initial TLS
connections (i.e., which do not resume sessions).
We describe how to use these extensions to reduce the number of round
trips needed for application-layer authentication, by piggy-backing
Simple Authentication (SASL) mechanism negotiation on the first leg
of a TLS handshake and the first round of SASL authentication
messages on the second leg of the same TLS handshake. Through SASL
we get support for Generic Security Services (GSS-API) mechanisms.
Channel binding is used from SASL authentication to the TLS channel.
This results in a two round-trip optimization for applications that
use SASL on top of TLS.
We also provide generic framing for SASL authentication messages
which, combined with the use of these extensions, will be referred to
as "TLS/SA". These extensions can also be used to optimize
application protocols separately from SASL.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-williams-tls-app-sasl-opt-04.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-williams-tls-app-sasl-opt-04.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt