WG Action: RECHARTER: Common Authentication Technology Next Generation (kitten)

The Common Authentication Technology Next Generation (kitten) working
group in the Security Area of the IETF has been rechartered.  For
additional information, please contact the Area Directors or the working
group Chairs.

Common Authentication Technology Next Generation (kitten)
---------------------------------------------------
Current Status: Active Working Group

Chair(s):
   Tom Yu <tlyu@mit.edu>
   Shawn Emery <shawn.emery@oracle.com>

Security Area Director(s):
   Tim Polk <tim.polk@nist.gov>
   Sean Turner <turners@ieca.com>

Security Area Advisor:
   Tim Polk <tim.polk@nist.gov>

Mailing Lists:
   General Discussion: kitten@ietf.org
   To Suscribe: https://www.ietf.org/mailman/listinfo/kitten
   Archive:
http://www.ietf.org/mail-archive/web/kitten/current/maillist.html

Description of Working Group:

The Generic Security Services (GSS) API and Simple Authentication and
Security Layer (SASL) provide various applications with a security
framework for secure network communication.  The purpose of the Common
Authentication Technology Next Generation (Kitten) working group (WG) is
to develop extensions/improvements to the GSS-API, shepherd specific
GSS-API security mechanisms, and provide guidance for any new SASL-
related submissions.

This working is chartered to specify the following extensions and
improvements (draft-yu-kitten-api-wishlist-00) to the GSS-API:

* Provide new interfaces for credential management, which include the
following:
   initializing credentials
   iterating credentials
   exporting/importing credentials

* Specify interface for asynchronous calls.

* Define interfaces for better error message reporting.

* Provide a more programmer friendly GSS-API for application developers.
This could include reducing the number of interface parameters, for
example, by eliminating parameters which are commonly used with the
default values.

This WG is also chartered to transition proposed SASL mechanisms as
GSS-API mechanisms:

* A SASL Mechanism for OpenID
   draft-lear-ietf-sasl-openid-00
* A SASL Mechanism for SAML
   draft-wierenga-ietf-sasl-saml-00

The transition from SASL to GSS-API mechanisms will allow a greater set
of applications to utilize said mechanisms with SASL implementations
that support the use of GSS-API mechanisms in SASL (draft-ietf-sasl-
gs2).

* Shepherd draft-ietf-sasl-digest-to-historic to publication.

This WG should review proposals for new SASL and GSS-API mechanisms, but
may take on work on such mechanisms only through a revision of this
charter.  The WG should also review non-mechanism proposals related to
SASL and the GSS-API. However, work that adds SASL or GSS-API support in
application protocols should be handled by the application's WG.

Deliverables:

* GSS-API: initializing credentials

* GSS-API: iterating credentials

* GSS-API: exporting/importing credentials

* GSS-API: specification for asynchronous calls

* GSS-API: interfaces/improvements for better error message reporting

* GSS-API: programmer friendly interfaces

* GSS-API: transition SASL mechanism for OpenID

* GSS-API: transition SASL mechanism for SAML

* GSS-API: publish draft-ietf-kitten-gssapi-extensions-iana

* GSS-API: publish draft-ietf-kitten-gssapi-naming-exts

* SASL: publish draft-melnikov-digest-to-historic

Goals and Milestones:

Done         Submit naming-exts to the IESG as Proposed Standard
August 2010  WGLC on gssapi-extensions-iana
August 2010  Submit gssapi-extensions-iana to the IESG as Proposed 
             Standard
TBD          Other Listed Work Items