Thomas Hardjono | 4 Feb 18:41 2009
Picon

Towards Kerberizing Web Identity and Services: new MITKC publication & new mailing-list

 

Towards Kerberizing Web Identity and Services: a new publication from the MIT Kerberos Consortium

 

 

One of the major goals of the MIT Kerberos Consortium (KIT-KC) is to establish Kerberos as a ubiquitous authentication mechanism on the Internet and also to make Kerberos appropriate for new environments. One of the key efforts within the MIT-KC directed at this goal is the Kerberos-on-the-Web (Kerb-Web) project.

 

The Kerberos-on-the-web project seeks initially to investigate the various aspects of the development and deployment of Kerberos within the Web space. This includes, among others:

(a) the use of the Kerberos authentication paradigm within the context of web-authentication and web-services security,

(b) the possible architecture integration and interactions between the Kerberos infrastructure and web-services security infrastructure,

(c) the possible enhancements of the Kerberos authentication protocol and Kerberos token in order to address the requirements for Single-Sign-On (SSO) on the Web and Web Identity Federation, and

(d) the potential re-use of existing Kerberos infrastructure investments in enterprises and other organizations to support the deployment of Kerberos-on-the-Web solutions.

 

In order to provide a starting point and context for discussions going forward regarding Kerberos-on-the-web, the MIT-KC has issued a new publication entitled “Towards Kerberizing Web Identity and Services”. This publication can be found in the following location:

 

http://kerberos.org/software/kerbweb.pdf

 

The MIT-KC is seeking feedback and input specifically on this publication. These can be addressed to the MIT-KC strategic advisor (hardjono <at> mit.edu), addressed to the authors of the publication and/or posted to the new mitkc-web mailing-list (see below).

 

Additionally, as an accompaniment to this new publication the MIT-KC has created a new mailing-list dedicated to Kerberos-on-the-Web. This mailing-list aims to be an open venue where issues and challenges in bringing Kerberos to the Web can be discussed.

 

http://mailman.mit.edu/mailman/listinfo/mitkc-web

 

------------------------------------------------------------

 

 

 

 

_______________________________________________
Kitten mailing list
Kitten <at> ietf.org
https://www.ietf.org/mailman/listinfo/kitten
Internet-Drafts | 18 Feb 00:00 2009
Picon

I-D ACTION:draft-ietf-kitten-rfc2853bis-05.txt

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the Kitten (GSS-API Next Generation) Working Group of the IETF.

	Title		: Generic Security Service API Version 2 : Java Bindings Update
	Author(s)	: M. Upadhyay, S. Malkani
	Filename	: draft-ietf-kitten-rfc2853bis-05.txt
	Pages		: 95
	Date		: 2009-2-16
	
The Generic Security Services Application Program Interface (GSS-API)offers application programmers
uniform access to security services atop a variety of underlying cryptographic mechanisms.  This
document updates the Java bindings for the GSS-API that are specified in
"Generic Security Service API version 2 : Java Bindings" (RFC2853).
This document obsoletes RFC 2853 by making specific and incremental
clarifications and corrections to it in response to identification of
transcription errors and implementation experience.

   The GSS-API is described at a language independent conceptual level
   in "Generic Security Service Application Program Interface Version 2,
   Update 1" (RFC2743).  The GSS-API allows a caller application to
   authenticate a principal identity, to delegate rights to a peer, and
   to apply security services such as confidentiality and integrity on a
   per-message basis.  Examples of security mechanisms defined for GSS-
   API are "The Simple Public-Key GSS-API Mechanism" (RFC2025) and "The
   Kerberos Version 5 GSS-API Mechanism (RFC4121).

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-kitten-rfc2853bis-05.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
Attachment (draft-ietf-kitten-rfc2853bis-05.txt): message/external-body, 69 bytes
_______________________________________________
Kitten mailing list
Kitten <at> ietf.org
https://www.ietf.org/mailman/listinfo/kitten
Shawn M Emery | 26 Feb 07:04 2009
Picon

IETF 74 Agenda


Please review the meeting agenda for IETF 74:

http://www.ietf.org/proceedings/09mar/agenda/kitten.txt
and let us know if you would like to add or change anything.

Shawn and Alexey
kitten co-chairs
--

Gmane