RFC1511 Common Authentication Technology Overview

1511 Common Authentication Technology Overview. J. Linn. September 1993. (Format: TXT=4185 bytes) (Status: INFORMATIONAL)

日本語訳
RFC一覧

参照

Network Working Group                                           J. Linn
Request for Comments: 1511                        Geer Zolot Associates
                                                         September 1993



               Common Authentication Technology Overview


Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard.  Distribution of this memo is
   unlimited.

Overview

   The IETF's Common Authentication Technology (CAT) working group has
   pursued, and continues to pursue, several interrelated activities,
   involving definition of service interfaces as well as protocols.  As
   a goal, it has sought to separate security implementation tasks from
   integration of security data elements into caller protocols, enabling
   those tasks to be partitioned and performed separately by
   implementors with different areas of expertise.  This strategy is
   intended to provide leverage for the IETF community's security-
   oriented resources (by allowing a single security implementation to
   be integrated with, and used by, multiple caller protocols), and to
   allow protocol implementors to focus on the functions that their
   protocols are designed to provide rather than on characteristics of
   particular security mechanisms (by defining an abstract service which
   multiple mechanisms can realize).

   The CAT WG has worked towards agreement on a common service
   interface, (the Generic Security Service Application Program
   Interface, or GSS-API), allowing callers to invoke security
   functions, and also towards agreement on a common security token
   format incorporating means to identify the mechanism type in
   conjunction with which security data elements should be interpreted.
   The GSS-API, comprising a mechanism-independent model for security
   integration, provides authentication services (peer entity
   authentication) to a variety of protocol callers in a manner which
   insulates those callers from the specifics of underlying security
   mechanisms.  With certain underlying mechanisms, per-message
   protection facilities (data origin authentication, data integrity,
   and data confidentiality) can also be provided. This work is
   represented in a pair of RFCs: RFC-1508 (GSS-API) and RFC-1509
   (concrete bindings realizing the GSS-API for the C language).




J. Linn                                                         [Page 1]

RFC 1511                      CAT Overview                September 1993


   Concurrently, the CAT WG has worked on agreements on underlying
   security technologies, and their associated protocols, implementing
   the GSS-API model.  Definitions of two candidate mechanisms are
   currently available as Internet specifications; development of
   additional mechanisms is anticipated.  RFC-1510, a standards-track
   specification, documents the Kerberos Version 5 technology, based on
   secret-key cryptography and contributed by the Massachusetts
   Institute of Technology.  RFC-1507, an experimental specification,
   documents the Distributed Authentication Services technology, based
   on X.509 public-key technology and contributed by Digital Equipment
   Corporation.

References

   [1]  Kaufman, C., "Distributed Authentication Security Service", RFC
        1507, Digital Equipment Corporation, September 1993.

   [2]  Linn, J., "Generic Security Service Application Program
        Interface", RFC 1508, Geer Zolot Associates, September 1993.

   [3]  Wray, J., "Generic Security Service API : C-bindings", RFC 1509,
        Digital Equipment Corporation, September 1993.

   [4]  Kohl, J., and C. Neuman, "The Kerberos Network Authentication
        Service (V5)", Digital Equipment Corporation, USC/Information
        Sciences Institute, September 1993.

Security Considerations

   Security issues are discussed throughout the references.

Author's Address

   John Linn
   Geer Zolot Associates
   One Main St.
   Cambridge, MA  02142  USA

   Phone: +1 617.374.3700
   Email: Linn@gza.com











一覧

 RFC 1〜100  RFC 1401〜1500  RFC 2801〜2900  RFC 4201〜4300 
 RFC 101〜200  RFC 1501〜1600  RFC 2901〜3000  RFC 4301〜4400 
 RFC 201〜300  RFC 1601〜1700  RFC 3001〜3100  RFC 4401〜4500 
 RFC 301〜400  RFC 1701〜1800  RFC 3101〜3200  RFC 4501〜4600 
 RFC 401〜500  RFC 1801〜1900  RFC 3201〜3300  RFC 4601〜4700 
 RFC 501〜600  RFC 1901〜2000  RFC 3301〜3400  RFC 4701〜4800 
 RFC 601〜700  RFC 2001〜2100  RFC 3401〜3500  RFC 4801〜4900 
 RFC 701〜800  RFC 2101〜2200  RFC 3501〜3600  RFC 4901〜5000 
 RFC 801〜900  RFC 2201〜2300  RFC 3601〜3700  RFC 5001〜5100 
 RFC 901〜1000  RFC 2301〜2400  RFC 3701〜3800  RFC 5101〜5200 
 RFC 1001〜1100  RFC 2401〜2500  RFC 3801〜3900  RFC 5201〜5300 
 RFC 1101〜1200  RFC 2501〜2600  RFC 3901〜4000  RFC 5301〜5400 
 RFC 1201〜1300  RFC 2601〜2700  RFC 4001〜4100  RFC 5401〜5500 
 RFC 1301〜1400  RFC 2701〜2800  RFC 4101〜4200 

スポンサーリンク

Apacheで所有権や書き込み権限があるにも関わらずPermissions deniedが出る場合

ホームページ製作・web系アプリ系の製作案件募集中です。

上に戻る