idnits 2.17.1 

draft-ietf-kitten-krb5-gssapi-domain-based-names-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3667, Section 5.1 on line 14.

  -- Found old boilerplate from RFC 3978, Section 5.5 on line 165.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 142.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 149.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 155.

  ** Found boilerplate matching RFC 3978, Section 5.4, paragraph 1 (on line
     171), which is fine, but *also* found old RFC 2026, Section 10.4C,
     paragraph 1 text on line 36.

  ** The document seems to lack an RFC 3978 Section 5.1 IPR Disclosure
     Acknowledgement -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  ** This document has an original RFC 3978 Section 5.4 Copyright Line,
     instead of the newer IETF Trust Copyright according to RFC 4748.

  ** This document has an original RFC 3978 Section 5.5 Disclaimer, instead
     of the newer disclaimer which includes the IETF Trust according to RFC
     4748.

  ** The document uses RFC 3667 boilerplate or RFC 3978-like boilerplate
     instead of verbatim RFC 3978 boilerplate.  After 6 May 2005, submission
     of drafts without verbatim RFC 3978 boilerplate is not accepted.

     The following non-3978 patterns matched text found in the document. 
     That text should be removed or replaced:

        By submitting this Internet-Draft, I certify that any applicable patent
        or other IPR claims of which I am aware have been disclosed, or
        will be disclosed, and any of which I become aware will be
        disclosed, in accordance with RFC 3668.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  == It seems as if not all pages are separated by form feeds - found 0 form
     feeds but 7 pages


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an Introduction section.

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (July 2004) is 7222 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Missing reference section? 'RFC2119' on line 117 looks like a reference

  -- Missing reference section? 'DOMAIN-BASED-NAMES' on line 102 looks like a
     reference

  -- Missing reference section? 'RFC2743' on line 120 looks like a reference

  -- Missing reference section? 'RFC1964' on line 114 looks like a reference

  -- Missing reference section? 'I-D.ietf-krb-wg-kerberos-clarifications' on
     line 106 looks like a reference

  -- Missing reference section? 'RFC1510' on line 111 looks like a reference


     Summary: 8 errors (**), 0 flaws (~~), 3 warnings (==), 13 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1	NETWORK WORKING GROUP                                        N. Williams
2	Internet-Draft                                                       Sun
3	Expires: December 30, 2004                                     July 2004

5	   GSS-API Domain-Based Service Names Mapping for the Kerberos V GSS
6	                               Mechanism
7	        draft-ietf-kitten-krb5-gssapi-domain-based-names-00.txt

9	Status of this Memo

11	   By submitting this Internet-Draft, I certify that any applicable
12	   patent or other IPR claims of which I am aware have been disclosed,
13	   and any of which I become aware will be disclosed, in accordance with
14	   RFC 3668.

16	   Internet-Drafts are working documents of the Internet Engineering
17	   Task Force (IETF), its areas, and its working groups.  Note that
18	   other groups may also distribute working documents as
19	   Internet-Drafts.

21	   Internet-Drafts are draft documents valid for a maximum of six months
22	   and may be updated, replaced, or obsoleted by other documents at any
23	   time.  It is inappropriate to use Internet-Drafts as reference
24	   material or to cite them other than as "work in progress."

26	   The list of current Internet-Drafts can be accessed at
27	   http://www.ietf.org/ietf/1id-abstracts.txt.

29	   The list of Internet-Draft Shadow Directories can be accessed at
30	   http://www.ietf.org/shadow.html.

32	   This Internet-Draft will expire on December 30, 2004.

34	Copyright Notice

36	   Copyright (C) The Internet Society (2004).  All Rights Reserved.

38	Abstract

40	   This document describes the mapping of GSS-API domainname-based
41	   service principal names onto Kerberos V principal names.

43	Table of Contents

45	   1. Conventions used in this document  . . . . . . . . . . . . . . . 3
46	   2. Domain-Based Names for the Kerberos V GSS-API Mechanism  . . . . 4
47	   3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
48	   4. Security Considerations  . . . . . . . . . . . . . . . . . . . . 6
49	   5. Normative  . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
50	      Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6
51	      Intellectual Property and Copyright Statements . . . . . . . . . 7

53	1.  Conventions used in this document

55	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
56	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
57	   document are to be interpreted as described in [RFC2119].

59	2.  Domain-Based Names for the Kerberos V GSS-API Mechanism

61	   In accordance with [DOMAIN-BASED-NAMES] this document provides the
62	   mechanism-specific details needed to implement GSS-API [RFC2743]
63	   domain-based service names with the Kerberos V GSS-API mechanism
64	   [RFC1964].

66	   GSS_C_NT_DOMAINBASED_SERVICE name are mapped to Kerberos V principal
67	   names as follows:
68	   o  the <service> name becomes the first (0th) component of the
69	      Kerberos V principal name;
70	   o  the <hostname> becomes the second component of the Kerberos V
71	      principal name;
72	   o  the <domain> name becomes the third component of the Kerberos V
73	      principal name;
74	   o  the realm of the resulting principal name is that which
75	      corresponds to the domain name, treated as a hostname.

77	   The same name canonicalization considerations and methods as used
78	   elsewhere in the Kerberos V GSS-API mechanism [RFC1964] and Kerberos
79	   V [I-D.ietf-krb-wg-kerberos-clarifications] in general apply here.

81	   Implementations SHOULD use a Kerberos V name-type of
82	   NT-SRV-HST-DOMAIN (integral value TBD) but MAY use NT-UNKNOWN
83	   instead.

85	3.  Examples

87	   o  The domain based name, of generic form,
88	      "ldap@Example.TLD@ds1.Example.TLD" may map to a Kerberos V
89	      principal name like: "ldap/ds1.example.tld/
90	      example.tld@EXAMPLE.TLD"
91	   o  The domain based name, of generic form,
92	      "kadmin@Example.TLD@kdc1.Example.TLD" may map to a Kerberos V
93	      principal name like: "kadmin/kdc1.example.tld/
94	      example.tld@EXAMPLE.TLD"

96	4.  Security Considerations

98	   See [DOMAIN-BASED-NAMES].

100	5  Normative

102	   [DOMAIN-BASED-NAMES]
103	              Williams, N., "GSS-API Domain-Based Service Names and Name
104	              Type".

106	   [I-D.ietf-krb-wg-kerberos-clarifications]
107	              Neuman, C., "The Kerberos Network Authentication Service
108	              (V5)", draft-ietf-krb-wg-kerberos-clarifications-07 (work
109	              in progress), September 2004.

111	   [RFC1510]  Kohl, J. and B. Neuman, "The Kerberos Network
112	              Authentication Service (V5)", RFC 1510, September 1993.

114	   [RFC1964]  Linn, J., "The Kerberos Version 5 GSS-API Mechanism", RFC
115	              1964, June 1996.

117	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
118	              Requirement Levels", BCP 14, RFC 2119, March 1997.

120	   [RFC2743]  Linn, J., "Generic Security Service Application Program
121	              Interface Version 2, Update 1", RFC 2743, January 2000.

123	Author's Address

125	   Nicolas Williams
126	   Sun Microsystems
127	   5300 Riata Trace Ct
128	   Austin, TX  78727
129	   US

131	   EMail: Nicolas.Williams@sun.com

133	Intellectual Property Statement

135	   The IETF takes no position regarding the validity or scope of any
136	   Intellectual Property Rights or other rights that might be claimed to
137	   pertain to the implementation or use of the technology described in
138	   this document or the extent to which any license under such rights
139	   might or might not be available; nor does it represent that it has
140	   made any independent effort to identify any such rights.  Information
141	   on the procedures with respect to rights in RFC documents can be
142	   found in BCP 78 and BCP 79.

144	   Copies of IPR disclosures made to the IETF Secretariat and any
145	   assurances of licenses to be made available, or the result of an
146	   attempt made to obtain a general license or permission for the use of
147	   such proprietary rights by implementers or users of this
148	   specification can be obtained from the IETF on-line IPR repository at
149	   http://www.ietf.org/ipr.

151	   The IETF invites any interested party to bring to its attention any
152	   copyrights, patents or patent applications, or other proprietary
153	   rights that may cover technology that may be required to implement
154	   this standard.  Please address the information to the IETF at
155	   ietf-ipr@ietf.org.

157	Disclaimer of Validity

159	   This document and the information contained herein are provided on an
160	   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
161	   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
162	   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
163	   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
164	   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
165	   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

167	Copyright Statement

169	   Copyright (C) The Internet Society (2004).  This document is subject
170	   to the rights, licenses and restrictions contained in BCP 78, and
171	   except as set forth therein, the authors retain all their rights.

173	Acknowledgment

175	   Funding for the RFC Editor function is currently provided by the
176	   Internet Society.