Common Authentication Technology (cat) Charter
NOTE: This charter is accurate as of the 37th IETF Meeting in San Jose. It
may now be out-of-date. (Consider this a "snapshot" of the working
group from that meeting.) Up-to-date charters for all active working
groups can be found elsewhere in this Web server.
- John Linn <firstname.lastname@example.org>
Security Area Director(s):
- Jeffrey Schiller <email@example.com>
Mailing List Information
- General Discussion:firstname.lastname@example.org
- To Subscribe: email@example.com
- Archive: ftp://bitsy.mit.edu/cat-ietf/archive/
Description of Working Group
The goal of the Common Authentication Technology (CAT) Working Group is
to provide distributed security services (including authentication,
integrity, and confidentiality) to a variety of protocol callers in a
manner which insulates those callers from the specifics of underlying
By separating security implementation tasks from the tasks of
integrating security data elements into caller protocols, those tasks
can be partitioned and performed separately by implementors with
different areas of expertise. This provides leverage for the IETF
community's security-oriented resources, and allows protocol
implementors to focus on the functions their protocols are designed to
provide rather than on characteristics of security mechanisms. CAT
seeks to encourage uniformity and modularity in security approaches,
supporting the use of common techniques and accommodating evolution of
In support of these goals, the working group pursues several
interrelated tasks. We have defined a common service interface allowing
callers to invoke security services in association-oriented
environments, with an associated token format identifying the security
mechanism being employed. A revision to this document set is currently
being finalized in response to implementation experience. The CAT
Working Group also defines underlying mechanisms to provide security
services, and supports integration of security services into caller
protocols. Related work areas include interface and mechanism
extensions under consideration for message protection in
store-and-forward environments and for authorization support.
Goals and Milestones
- Progress Internet-Draft and RFC publication of mechanism-level documents to support independent, interoperable implementations of CAT-supporting mechanisms.
- Preliminary BOF session at IETF meeting, discussions with TELNET and Network Printing Working Groups.
- Distribute Generic Security Service Application Program Interface (GSS-API) documentation through Internet-Draft process.
- First IETF meeting as full working group: review charter distribute documents, and status of related implementation, integration, and consulting liaison activities. Schedule follow-on tasks, including documentation plan for specific CAT-supporting security mechanisms.
- Update mechanism-independent Internet-Drafts in response to issues raised, distribute additional mechanism-specific documentation including Distributed Authentication Services architectural description and terms/conditions for use of the technology documented therein.
- Second IETF meeting: Review distributed documents and status of related activities, continue consulting liaisons. Discuss features and characteristics of underlying mechanisms. Define scope and schedule for follow-on work.
- Submit service interface specification to to the IESG for consideration as a Proposed Standard.
- Apr 96
- Submit GSS-V2 to IESG for consideration as a Proposed Standard.
- Jun 96
- Submit revised version of RFC1510 (Kerberos) to IESG for consideration as a Draft Standard.
- Jun 96
- Plan next phase of activities, with particular attention to scope and tasking for authorization, store and forward protection support, and additional mechanisms.
Request for Comments