I-D ACTION:draft-ietf-cat-idup-gss-11.txt

[Internet-Drafts at ietf.org]

A New Internet-Draft is available from the on-line Internet-Drafts
directories.  This draft is a work item of the Common Authentication
Technology Working Group of the IETF.

	Title           : Independent Data Unit Protection Generic
			  Security Service Application Program
			  Interface  (IDUP-GSS-API)
	Author(s)	: C. Adams
	Filename	: draft-ietf-cat-idup-gss-11.txt
	Pages		: 62
	Date		: 01-May-98
	
   The IDUP-GSS-API extends the GSS-API [RFC-2078] for applications
   requiring protection of a generic data unit (such as a file or
   message) in a way which is independent of the protection of any
   other data unit and independent of any concurrent contact with
   designated 'receivers' of the data unit.  Thus, it is suitable for
   applications such as secure electronic mail where data needs to be
   protected without any on-line connection with the intended
   recipient(s) of that data.  The protection offered by IDUP includes
   services such as data origin authentication with data integrity,
   data confidentiality with data integrity, and support for
   non-repudiation services.  Subsequent to being protected, the data
   unit can be transferred to the recipient(s) - or to an archive -
   perhaps to be processed ('unprotected') only days or years later.

   Throughout the remainder of this document, the 'unit' of data
   described in the above paragraph will be referred to as an IDU
   (Independent Data Unit).  The IDU can be of any size (the application
   may, if it wishes, split the IDU into pieces and have the protection
   computed a piece at a time, but the resulting protection token
   applies to the entire IDU).  However, the primary characteristic of
   an IDU is that it represents a stand-alone unit of data whose
   protection is entirely independent of any other unit of data.  If an
   application protects several IDUs and sends them all to a single
   receiver, the IDUs may be unprotected by that receiver in any order
   over any time span; no logical connection of any kind is implied by
   the protection process itself.
 
   As with RFC-2078, this IDUP-GSS-API definition provides security
   services to callers in a generic fashion, supportable with a range of
   underlying mechanisms and technologies and hence allowing source-
   level portability of applications to different environments. This
   specification

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
	"get draft-ietf-cat-idup-gss-11.txt".
A URL for the Internet-Draft is:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-cat-idup-gss-11.txt

Internet-Drafts directories are located at:

	Africa:	ftp.is.co.za
	
	Europe: ftp.nordu.net
		ftp.nis.garr.it
			
	Pacific Rim: munnari.oz.au
	
	US East Coast: ftp.ietf.org
	
	US West Coast: ftp.isi.edu

Internet-Drafts are also available by mail.

Send a message to:	mailserv at ietf.org.  In the body type:
	"FILE /internet-drafts/draft-ietf-cat-idup-gss-11.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.
		
		
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

<ftp://ftp.ietf.org/internet-drafts/draft-ietf-cat-idup-gss-11.txt>