Re: Kerberos authentication for X-Mosaic 2.4 and NCSA HTTPD

• To: www-security@ns1.rutgers.edu
• Subject: Re: Kerberos authentication for X-Mosaic 2.4 and NCSA HTTPD
• From: Marc Horowitz <marc@mit.edu>
• Date: Sun, 14 Aug 1994 16:22:52 EDT

I've just joined the list, so I apologize if this has been gone over
before.  I also apologize ahead of time for appearing somewhat
presumptions; this message will sound that way.

One of the things which really bothered me about the Secure-HTTP
document when I read it was the complete lack of reference to existing
work in the area of generalizing security access.  In particular, the
Internet Engineering Task Force has standardized on an API called
GSS-API which is a standard API for accessing an arbitrary
authentication protocol.  It's currently intended for real-time
authentication, but store-and-forward semantics are being worked on.
GSS-API has been specified for FTP, IMAP, and POP.  There is an
existing implementation for kerberos v5, and specifications which
cover x.509 and pem.

Before you all go out and reinvent the wheel, I think it would be
productive for people to go out and read the following documents:

ftp://ftp.internic.net/rfc/rfc1508.txt
ftp://ftp.internic.net/rfc/rfc1509.txt
ftp://ftp.internic.net/internet-drafts/draft-ietf-cat-kerb5gss-01.txt
ftp://ftp.internic.net/internet-drafts/draft-ietf-spkmgss-00.txt 
ftp://ftp.internic.net/internet-drafts/draft-ietf-cat-ftpsec-05.txt 

Have a nice day :-)

		Marc

• Re: Kerberos authentication for X-Mosaic 2.4 and NCSA HTTPD
• From: Goran Oberg <Goran.Oberg@dc.luth.se>

• Previous: Re: Kerberos authentication for X-Mosaic 2.4 and NCSA HTTPD
• Next: Re: Kerberos authentication for X-Mosaic 2.4 and NCSA HTTPD
• Index(es):
  • Index
  • Thread