Authenticated Firewall Traversal (aft)

Last Modifield: 2001-07-31

Concluded: 2002-10-9

Chair(s):

Wei Lu <wlu@syl.dl.nec.com>

Security Area Director(s):

Jeffrey Schiller <jis@mit.edu>
Steve Bellovin <smb@research.att.com>

Security Area Advisor:

Jeffrey Schiller <jis@mit.edu>

Mailing Lists:

General Discussion: aft@socks.nec.com
To Subscribe: aft-request@socks.nec.com
Archive: http://www.socks.nec.com/aftmail/

Description of Working Group:

The goal of the Authenticated Firewall Traversal Working Group is to specify a protocol to address the issue of application-layer support for firewall traversal. The working group intends to specify a traversal protocol supporting both TCP and UDP applications with a general framework for authentication of the firewall traversal. To promote interoperability, the group will also propose a base authentication technique for use within the general authentication framework.

The output of the group will consist of a standards-track RFC(s) describing the traversal protocol, the base authentication methods and a reference implementation of the protocol, and base authentication methods. The working group will start with the SOCKS system described by David Koblas in his paper presented at the 1992 Usenix Security Symposium.

Goals and Milestones:

Done    Issue Internet-Draft on V5 SOCKS protocol.
Done    Publish sample implementation for UNIX.
Done    Issue Internet-Draft on SOCKS base authentication methods.
Done    Submit final draft of SOCKS protocol and authentication methods for RFC.

No Current Internet-Drafts

Request For Comments:

Username/Password Authentication for SOCKS V5 (RFC 1929) (3568 bytes)
SOCKS Protocol Version 5 (RFC 1928) (19741 bytes)
GSS-API Authentication Method for SOCKS Version 5 (RFC 1961) (16036 bytes)