From owner-ietf-cat-wg@lists.Stanford.EDU Tue Jul 18 15:41:21 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA09852 for ; Tue, 18 Jul 2000 15:41:20 -0400 (EDT) Received: (from daemon@localhost) by lists.Stanford.EDU (8.9.3/8.9.3) id MAA08589 for ietf-cat-wg-out720680; Tue, 18 Jul 2000 12:18:27 -0700 (PDT) Received: from tholian.securitydynamics.com (tholian.securid.com [204.167.112.129]) by lists.Stanford.EDU (8.9.3/8.9.3) with SMTP id MAA08583 for ; Tue, 18 Jul 2000 12:18:23 -0700 (PDT) Received: from sdtihq24.securitydynamics.com by tholian.securitydynamics.com via smtpd (for lists.Stanford.EDU [171.64.14.232]) with SMTP; 18 Jul 2000 19:18:18 UT Received: from exna00.securitydynamics.com (exna00.securitydynamics.com [10.2.1.110]) by sdtihq24.securid.com (Pro-8.9.3/Pro-8.9.3) with ESMTP id PAA05795 for ; Tue, 18 Jul 2000 15:17:15 -0400 (EDT) Received: by exna00.securitydynamics.com with Internet Mail Service (5.5.2448.0) id ; Tue, 18 Jul 2000 15:18:22 -0400 Message-ID: From: "Linn, John" To: "'CAT-WG List'" Subject: FW: WG Action: Kerberos WG (krb-wg) Date: Tue, 18 Jul 2000 15:18:14 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk Forwarding FYI, for the benefit of any Kerberos-interested CAT subscribers who may not also receive the general IETF-Announce list. Kerberos-related work items currently listed under CAT are being transferred to this new WG, which is slated to meet at the upcoming Pittsburgh IETF. --jl -----Original Message----- From: The IESG [mailto:iesg-secretary@ietf.org] Sent: Tuesday, July 18, 2000 12:50 PM Subject: WG Action: Kerberos WG (krb-wg) A new working group has been formed in the Security Area of the IETF. For additional information, contact the Area Directors or the WG Chair.Kerberos WG (krb-wg) Kerberos WG (krb-wg) -------------------- Current Status: Active Working Group Chair(s): Douglas Engert Security Area Director(s): Jeffrey Schiller Marcus Leech Security Area Advisor: Jeffrey Schiller Mailing Lists: General Discussion:ietf-krb-wg@anl.gov To Subscribe: majordomo@anl.gov In Body: subscribe ietf-krb-wg your_email_address Archive: ftp://ftp.ietf.org/ietf-mail-archive/krb/ Description of Working Group: Kerberos over the years has been ported to virtually every operating system. There are at least two open source versions, with numerous commercial versions based on these and other proprietary implementations. Kerberos evolution has continued over the years, and interoperability has been problematic. A number of draft proposals have been issued concerning aspects of new or extended functionality. The group will strive to improve the interoperability of these systems while improving security. Specifically, the Working Group will: * Clarify and amplify the Kerberos specification (RFC 1510) to make sure interoperability problems encountered in the past that occurred because of unclear specifications do not happen again. The output of this process should be suitable for Draft Standard status. * Select from existing proposals on new or extended functionality those that will add significant value while improving interoperability and security, and publish these as one or more Proposed Standards. Goals and Milestones: Jul 00 First meeting Aug 00 Submit the Kerberos Extensions document to the IESG for consideration as a Proposed standard. Sep 00 Submit the PKINIT document to the IESG for consideration as a Proposed Standard. Dec 00 Charter Review, update of milestones and refinement of goals. -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Wed Jul 19 16:49:16 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA03947 for ; Wed, 19 Jul 2000 16:49:15 -0400 (EDT) Received: (from daemon@localhost) by lists.Stanford.EDU (8.9.3/8.9.3) id NAA09522 for ietf-cat-wg-out720680; Wed, 19 Jul 2000 13:22:57 -0700 (PDT) Received: from achilles.ctd.anl.gov (achilles.ctd.anl.gov [146.137.32.1]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id NAA09517 for ; Wed, 19 Jul 2000 13:22:54 -0700 (PDT) Received: from anl.gov (apollo.ctd.anl.gov [146.137.96.39]) by achilles.ctd.anl.gov (8.9.1a/8.9.1) with ESMTP id PAA20240; Wed, 19 Jul 2000 15:22:54 -0500 (CDT) Message-ID: <39760E0F.B3B58A6D@anl.gov> Date: Wed, 19 Jul 2000 15:22:39 -0500 From: "Douglas E. Engert" Reply-To: deengert@anl.gov Organization: Argonne National Laboratory X-Mailer: Mozilla 4.73 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: "'KRB-WG List'" , "'CAT-WG List'" Subject: Welcome to the IETF Kerberos Working Group Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk Content-Transfer-Encoding: 7bit Welcome to the Kerberos Working Group list. (Or if you are on the CAT list you may which to join.) The charter for the Kerberos Working Group has been posted at http://www.ietf.org/html.charters/krb-wg-charter.html but it does not yet list any of the documents. In discussions with John Linn, and Jeff Schiller the following documents are being transferred to this working group: * Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) (48913 bytes) * Public Key Cryptography for Cross-Realm Authentication in Kerberos (22582 bytes) * Public Key Utilizing Tickets for Application Servers (PKTAPP) (16077 bytes) * The Kerberos Network Authentication Service (V5) (Kerberos Revisions) (323152 bytes) * Initial Authentication and Pass Through Authentication Using Kerberos V5 and the GSS-API (IAKERB) (12132 bytes) * The Kerberos Version 5 GSSAPI Mechanism, Version 2 (55391 bytes) * Distributing Kerberos KDC and Realm Information with DNS (11698 bytes) * Kerberos Set/Change Password: Version 2 (15974 bytes) and the following RFCs: * The Kerberos Network Authentication Service (V5) (RFC 1510) (275395 bytes) * The Kerberos Version 5 GSS-API Mechanism (RFC 1964) (47413 bytes) We will be meeting in Pittsburgh and the session is currently scheduled for Wednesday 1530 - 1730 as "SEC krbwg Kerberos BOF" The main thrust of the meeting will be to get the Kerberos Revisions and PKINIT to be submitted as Proposed Standards within the next few months. I have asked all the authors of the above documents if they would like to say a few words, and most have agreed. If you have any agenda items please contact me. I hope to have an agenda soon. So, please come prepared to discuss any issues you might have with the Kerberos Revisions and PKINIT. -- Douglas E. Engert Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Fri Jul 21 09:25:51 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA11876 for ; Fri, 21 Jul 2000 09:25:50 -0400 (EDT) Received: (from daemon@localhost) by lists.Stanford.EDU (8.9.3/8.9.3) id GAA05055 for ietf-cat-wg-out720680; Fri, 21 Jul 2000 06:06:35 -0700 (PDT) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id GAA05050 for ; Fri, 21 Jul 2000 06:06:29 -0700 (PDT) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA07119; Fri, 21 Jul 2000 09:06:25 -0400 (EDT) Message-Id: <200007211306.JAA07119@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-cat-wg@lists.Stanford.EDU From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-cat-gaa-cbind-03.txt Date: Fri, 21 Jul 2000 09:06:24 -0400 Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Common Authentication Technology Working Group of the IETF. Title : Generic Authorization and Access control Application Program Interface C-bindings Author(s) : T. Ryutov, C. Neuman Filename : draft-ietf-cat-gaa-cbind-03.txt Pages : 14 Date : 20-Jul-00 The Generic Authorization and Access control Application Programming Interface (GAA API) provides access control services to calling applications. It facilitates access control decisions for applications and allows applications to discover access control policies associated with a targeted resource. The GAA API is usable by multiple applications supporting different kinds of protected objects. The GAA API design supports: - a variety of security mechanisms based on public or secret key cryptosystems - different authorization models - heterogeneous security policies - various access rights This document specifies C language bindings for the GAA API, which is described at a language-independent conceptual level in draft-ietf-cat-acc-cntrl-frmw-01.txt A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-cat-gaa-cbind-03.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-cat-gaa-cbind-03.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-cat-gaa-cbind-03.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000720141242.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-cat-gaa-cbind-03.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-cat-gaa-cbind-03.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000720141242.I-D@ietf.org> --OtherAccess-- --NextPart-- -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Fri Jul 21 13:43:22 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA04542 for ; Fri, 21 Jul 2000 13:43:22 -0400 (EDT) Received: (from daemon@localhost) by lists.Stanford.EDU (8.9.3/8.9.3) id KAA18322 for ietf-cat-wg-out720680; Fri, 21 Jul 2000 10:21:46 -0700 (PDT) Received: from usc.edu (root@usc.edu [128.125.253.136]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id KAA18317 for ; Fri, 21 Jul 2000 10:21:44 -0700 (PDT) Received: from aludra.usc.edu (ryutov@aludra.usc.edu [128.125.19.184]) by usc.edu (8.9.3.1/8.9.3/usc) with ESMTP id KAA09073; Fri, 21 Jul 2000 10:21:30 -0700 (PDT) Received: (from ryutov@localhost) by aludra.usc.edu (8.9.3.1/8.9.3/usc) id KAA19038; Fri, 21 Jul 2000 10:21:30 -0700 (PDT) Date: Fri, 21 Jul 2000 10:21:30 -0700 (PDT) From: Tatyana Ryutov Message-Id: <200007211721.KAA19038@aludra.usc.edu> To: internet-drafts@ietf.org Subject: old draft version draft-ietf-cat-gaa-cbind-03.txt Cc: ietf-cat-wg@lists.Stanford.EDU Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk Hello, This is the previous version of the draft. The new one draft-ietf-cat-gaa-cbind-04.txt I have submitted a week ago. Please update the draft. Thanks, Tatyana Ryutov Internet-Drafts@ietf.org wrote: A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Common Authentication Technology Working Group of the IETF. Title : Generic Authorization and Access control Application Program Interface C-bindings Author(s) : T. Ryutov, C. Neuman Filename : draft-ietf-cat-gaa-cbind-03.txt Pages : 14 Date : 20-Jul-00 The Generic Authorization and Access control Application Programming Interface (GAA API) provides access control services to calling applications. It facilitates access control decisions for applications and allows applications to discover access control policies associa loopback - ted with a targeted resource. The GAA API is usable by multiple applications supporting different kinds of protected objects. The GAA API design supports: - a variety of security mechanisms based on public or secret key cryptosystems - different authorization models - heterogeneous security policies - various access rights This document specifies C language bindings for the GAA API, whiced at a language-independent conceptual level in draft-ietf-cat-acc-cntrl-frmw-01.txt A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-cat-gaa-cbind-03.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-cat-gaa-cbind-03.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-cat-gaa-cbind-03.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. ------------------------------------------------------------------------ Content-Type: text/plain Content-ID: <20000720141242.I-D@ietf.org> -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Mon Jul 24 06:59:05 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA16422 for ; Mon, 24 Jul 2000 06:59:05 -0400 (EDT) Received: by lists.Stanford.EDU (8.9.3/8.9.3) id DAA05734 for ietf-cat-wg-out720680; Mon, 24 Jul 2000 03:34:07 -0700 (PDT) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id DAA05729 for ; Mon, 24 Jul 2000 03:34:03 -0700 (PDT) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA07513; Mon, 24 Jul 2000 06:34:01 -0400 (EDT) Message-Id: <200007241034.GAA07513@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-cat-wg@lists.Stanford.EDU From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-cat-acc-cntrl-frmw-04.txt Date: Mon, 24 Jul 2000 06:34:00 -0400 Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Common Authentication Technology Working Group of the IETF. Title : Access Control Framework for Distributed Applications Author(s) : T. Ryutov, C. Neuman Filename : draft-ietf-cat-acc-cntrl-frmw-04.txt Pages : 14 Date : 21-Jul-00 This document describes a unified model to support authorization in a wide range of applications, including metacomputing, remote printing, video conference, and any other application which will require interactions between entities across autonomous security domains. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-cat-acc-cntrl-frmw-04.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-cat-acc-cntrl-frmw-04.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-cat-acc-cntrl-frmw-04.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000721171308.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-cat-acc-cntrl-frmw-04.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-cat-acc-cntrl-frmw-04.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000721171308.I-D@ietf.org> --OtherAccess-- --NextPart-- -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Tue Jul 25 05:32:30 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id FAA09015 for ; Tue, 25 Jul 2000 05:32:30 -0400 (EDT) Received: by lists.Stanford.EDU (8.9.3/8.9.3) id CAA07688 for ietf-cat-wg-out720680; Tue, 25 Jul 2000 02:13:47 -0700 (PDT) Received: from michael.checkpoint.com (michael.checkpoint.com [199.203.73.68]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id CAA07683 for ; Tue, 25 Jul 2000 02:13:40 -0700 (PDT) Received: from parker (localhost [127.0.0.1]) by michael.checkpoint.com (8.9.3/8.9.1) with SMTP id MAA17117 for ; Tue, 25 Jul 2000 12:12:27 +0300 (IDT) From: "Tsachi Sharfman" To: Subject: Platform for testing GSS-API plugins Date: Tue, 25 Jul 2000 12:11:37 +0200 Message-ID: <000701bff620$b8ac7700$d78c96d4@checkpoint.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Importance: Normal Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk Content-Transfer-Encoding: 7bit Hi, I am trying to learn the GSS-API. Does anyone know of a test system I can set up in order to test GSS-API plug-ins? Thanks in advance, Tsachi Sharfman -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Tue Jul 25 06:52:02 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA28786 for ; Tue, 25 Jul 2000 06:52:01 -0400 (EDT) Received: (from daemon@localhost) by lists.Stanford.EDU (8.9.3/8.9.3) id DAA09641 for ietf-cat-wg-out720680; Tue, 25 Jul 2000 03:37:09 -0700 (PDT) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id DAA09636 for ; Tue, 25 Jul 2000 03:37:05 -0700 (PDT) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA24159; Tue, 25 Jul 2000 06:37:03 -0400 (EDT) Message-Id: <200007251037.GAA24159@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; CC: ietf-cat-wg@lists.Stanford.EDU, ietf-krb-wg@anl.gov From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-raeburn-cat-gssapi-krb5-3des-00.txt Date: Tue, 25 Jul 2000 06:37:02 -0400 Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Triple-DES Support for the Kerberos 5 GSSAPI Mechanism Author(s) : K. Raeburn Filename : draft-raeburn-cat-gssapi-krb5-3des-00.txt Pages : Date : 24-Jul-00 The MIT Kerberos 5 release version 1.2 includes support for triple-DES with key derivation [KrbRev]. Recent work by the EFF [EFF] has demonstrated the vulnerability of single-DES mechanisms to brute-force attacks by sufficiently motivated and well-funded parties. The GSSAPI Kerberos 5 mechanism definition [GSSAPI-KRB5] specifically enumerates encryption and checksum types, independently of how such schemes may be used in Kerberos. In the long run, a new Kerberos-based mechanism, which does not require separately enumerating for the GSSAPI mechanism each of the encryption types defined by Kerberos, appears to be a better approach. Efforts to produce such a specification are under way. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-raeburn-cat-gssapi-krb5-3des-00.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-raeburn-cat-gssapi-krb5-3des-00.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-raeburn-cat-gssapi-krb5-3des-00.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000724142357.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-raeburn-cat-gssapi-krb5-3des-00.txt --OtherAccess Content-Type: Message/External-body; name="draft-raeburn-cat-gssapi-krb5-3des-00.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000724142357.I-D@ietf.org> --OtherAccess-- --NextPart-- -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Tue Jul 25 09:00:32 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA06246 for ; Tue, 25 Jul 2000 09:00:32 -0400 (EDT) Received: (from daemon@localhost) by lists.Stanford.EDU (8.9.3/8.9.3) id FAA10836 for ietf-cat-wg-out720680; Tue, 25 Jul 2000 05:40:56 -0700 (PDT) Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id FAA10831 for ; Tue, 25 Jul 2000 05:40:54 -0700 (PDT) Received: from smtpde02.sap-ag.de (smtpde02.sap-ag.de [194.39.131.53]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id IAA13626 for ; Tue, 25 Jul 2000 08:40:53 -0400 (EDT) Received: from sap-ag.de ([194.39.131.3]) by smtpde02.sap-ag.de (out) with ESMTP id OAA18931; Tue, 25 Jul 2000 14:36:28 +0200 (MESZ) Received: from hw1464.wdf.sap-ag.de (hw1464.wdf.sap-ag.de [155.56.94.51]) by sap-ag.de (8.8.8/8.8.8) with ESMTP id OAA13246; Tue, 25 Jul 2000 14:40:15 +0200 (MET DST) Received: (from d019080@localhost) by hw1464.wdf.sap-ag.de (8.7.6/8.7.1) id OAA10885; Tue, 25 Jul 2000 14:40:14 +0200 (METDST) From: Martin Rex Message-Id: <200007251240.OAA10885@hw1464.wdf.sap-ag.de> Subject: Re: Platform for testing GSS-API plugins To: tsachis@checkpoint.com (Tsachi Sharfman) Date: Tue, 25 Jul 2000 14:40:14 +0200 (METDST) Cc: cat-ietf@mit.edu In-Reply-To: <000701bff620$b8ac7700$d78c96d4@checkpoint.com> from "Tsachi Sharfman" at Jul 25, 0 12:11:37 pm Reply-To: mrex@sap-ag.de MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk Content-Transfer-Encoding: 8bit Tsachi Sharfman wrote: > > I am trying to learn the GSS-API. Does anyone know of a test system I can > set up in order to test GSS-API plug-ins? What exactly are you looking for? I have written a test program for GSS-API mechanisms called GSSTEST that we give away for free in source. There are a few free gssapi mechanism implementations available in source, like MIT's Kerberos. At one point in time there was a SESAME demoware mechanism in source. We do have a GSS-API v2 mechanism wrapper for the Kerberos SSP of Microsoft W2K and one for the NTLM SSP of Microsoft Windows NT/9x/W2K that we give away in source -- however it is only a wrapper, not a full mechanism and parts of it are obviously platform specific... Once our FTP Server here at SAP is finally up and running (it took them only 5 years), I will put my sources there. At the moment I still have to distribute it via Email. -Martin -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Fri Jul 28 20:30:50 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA04939 for ; Fri, 28 Jul 2000 20:30:50 -0400 (EDT) Received: (from daemon@localhost) by lists.Stanford.EDU (8.9.3/8.9.3) id RAA01974 for ietf-cat-wg-out720680; Fri, 28 Jul 2000 17:10:04 -0700 (PDT) Received: from dcl.mit.edu (DCL.MIT.EDU [18.18.1.70]) by lists.Stanford.EDU (8.9.3/8.9.3) with ESMTP id RAA01969 for ; Fri, 28 Jul 2000 17:10:02 -0700 (PDT) Received: (from raeburn@localhost) by dcl.mit.edu (8.9.3) id UAA03944; Fri, 28 Jul 2000 20:10:00 -0400 (EDT) To: ietf-cat-wg@lists.Stanford.EDU, ietf-krb-wg@anl.gov Subject: Re: I-D ACTION:draft-raeburn-cat-gssapi-krb5-3des-00.txt References: <200007251037.GAA24159@ietf.org> Mime-Version: 1.0 From: Ken Raeburn Date: 28 Jul 2000 20:09:59 -0400 In-Reply-To: Internet-Drafts@ietf.org's message of "Tue, 25 Jul 2000 06:37:02 -0400" Message-ID: Lines: 12 User-Agent: Gnus/5.070063 (Pterodactyl Gnus v0.63) Emacs/20.7 Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk The portion of the abstract in the announcement left out the final, key paragraph: [...]approach. Efforts to produce such a specification are under way. In the interest of providing increased security in the interim, however, MIT is proposing adding support for triple-DES to the existing mechanism, as described here. This brief document is *not* an attempt to provide a completely new Kerberos mechanism for GSSAPI. -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu From owner-ietf-cat-wg@lists.Stanford.EDU Sat Jul 29 04:53:11 2000 Received: from lists.Stanford.EDU (lists.Stanford.EDU [171.64.14.232]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA08060 for ; Sat, 29 Jul 2000 04:53:11 -0400 (EDT) Received: by lists.Stanford.EDU (8.9.3/8.9.3) id BAA11473 for ietf-cat-wg-out720680; Sat, 29 Jul 2000 01:34:49 -0700 (PDT) Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by lists.Stanford.EDU (8.9.3/8.9.3) with SMTP id BAA11468 for ; Sat, 29 Jul 2000 01:34:46 -0700 (PDT) Received: from [195.44.224.50] by MIT.EDU with SMTP id AA20683; Sat, 29 Jul 00 04:34:40 EDT Date: Sat, 29 Jul 00 04:34:40 EDT From: "Pc-to-Phone Service..." To: Message-Id: <419.436736.39842905ads247@europe.com> Subject: Free Internet based PC-to-Phone Service as requested Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-ietf-cat-wg@lists.Stanford.EDU Precedence: bulk Content-Transfer-Encoding: 7bit [This Information has been sent to you, in response to a request either made by yourself or a friend on your behalf] It's here at last, what we've all been waiting for! Kiss goodbye to enormous telephone bills!! For a one off Access Fee, discounted by 50% to #29.99, you need never pay any call charges to phone Local, National, & International calls, again! Registering and Access to this service takes less than 10 minutes, after which phoning your friends from your Personal Computer to their Home, Business, etc., telephone has never been easier. You can phone to your hearts content, as making a phone call is totally 100% free! We are sure that without the worry of an enormous telephone bill hanging over your head, you'll be able to catch up with long lost friends, etc..., and use the money saved on your telephone bills to improve the quality of life for your children, grandchildren, or yourself! For more information, and to receive your demonstration Username & Password allowing you to make a 'Free Trial Call' now, then Phone today on either- [01144] 020 8387 8399 Head Office-London [open 9am-5pm] [01144] 090 6960 4199 Customer Service Line [open 24 Hours a day] *The [01144] UK Country code should only be dialled by callers outside the UK... **Anyone registering for access to the Free Pc-to-Phone service Today shall receive a Free State of the Art WAP Mobile Phone worth over #200. Free next day delivery anywhere in the UK! You may keep the phone, or give it away as a gift!! To be removed from the list click below- UkTelecom@mailandnews.com ------------------------------------------------------------------------------------------- This ad is being sent in compliance with Senate bill 1618, Title 3, section 301. http://www.senate.gov/~murkowski/commercialemail/S771index.html Here is a more detailed version of the legal notice above: This message is sent in compliance of the new e-mail bill: SECTION 301. Per Section 301, Paragraph (a)(2)(C) of S. 1618, http://www.senate.gov/~murkowski/commercialemail/S771index.html Further transmissions to you by the sender of this email may be stopped at no cost to you by sending a reply to this email address with the word "remove" in the subject line. ------------------------------------------------------------------------------------------- -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to majordomo@lists.stanford.edu