"GSS-API Internationalization and Domain-Based Service Names and Name Type", Nicolas Williams, Alexey Melnikov, 25-Jan-08. ( bytes)

This document describes domainname-based service principal names and the corresponding name type for the Generic Security Service Application Programming Interface (GSS-API). Internationalization of the GSS-API is also covered. Domain-based service names are similar to host-based service names, but using a domain name (not necessarily an Internet domain name) in addition to a hostname. The primary purpose of domain-based names is to provide a measure of protection to applications that utilize insecure service discovery protocols. This is achieved by providing a way to name clustered services after the "domain" which they service, thereby allowing their clients to authorize the service's servers based on authentication of their service names.

"GSS-API Domain-Based Service Names Mapping for the Kerberos V GSS Mechanism", Nicolas Williams, 25-Jan-08. ( bytes)

This document describes the mapping of GSS-API domainname-based service principal names onto Kerberos V principal names.

"Extended Generic Security Service Mechanism Inquiry APIs", Nicolas Williams, 21-Mar-08. ( bytes)

This document introduces new application programming interfaces (APIs) to the Generic Security Services API (GSS-API) for extended mechanism attribute inquiry. These interfaces are primarily intended to reduce instances of hardcoding of mechanism identifiers in GSS applications. These interfaces include: mechanism attributes and attribute sets, a function for inquiring the attributes of a mechanism, a function for indicating mechanisms that posses given attributes, and a function for displaying mechanism attributes.

"Clarifications and Extensions to the GSS-API for the Use of Channel Bindings", Nicolas Williams, 13-Mar-08. ( bytes)

This document clarifies and generalizes the Generic Security Services Application Programming Interface (GSS-API) "channel bindings" facility, and imposes requirements on future GSS-API mechanisms and programming language bindings of the GSS-API.

"Namespace Considerations and Registries for GSS-API Extensions", Nicolas Williams, 25-Mar-08. ( bytes)

This document describes the ways in which the GSS-API may be extended and directs the creation of an IANA registry for various GSS-API namespaces.

Return to Internet-Draft directory.

Return to IETF home page.