From hardjono@MIT.EDU Wed Feb 4 09:42:02 2009 Return-Path: X-Original-To: kitten@core3.amsl.com Delivered-To: kitten@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 66D5B28C278 for ; Wed, 4 Feb 2009 09:42:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.598 X-Spam-Level: X-Spam-Status: No, score=-4.598 tagged_above=-999 required=5 tests=[AWL=2.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5vi5VCo3mng1 for ; Wed, 4 Feb 2009 09:41:57 -0800 (PST) Received: from biscayne-one-station.mit.edu (BISCAYNE-ONE-STATION.MIT.EDU [18.7.7.80]) by core3.amsl.com (Postfix) with ESMTP id E344C28C26F for ; Wed, 4 Feb 2009 09:41:56 -0800 (PST) Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by biscayne-one-station.mit.edu (8.13.6/8.9.2) with ESMTP id n14HfYYX027252 for ; Wed, 4 Feb 2009 12:41:35 -0500 (EST) Received: from thomasvnf1ekrv (dhcp-18-111-57-221.dyn.mit.edu [18.111.57.221]) (authenticated bits=0) (User authenticated as hardjono@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id n14HfVXn001894 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for ; Wed, 4 Feb 2009 12:41:33 -0500 (EST) From: "Thomas Hardjono" To: Subject: Towards Kerberizing Web Identity and Services: new MITKC publication & new mailing-list Date: Wed, 4 Feb 2009 12:41:32 -0500 Message-ID: <009201c986ef$d2b7dae0$782790a0$@edu> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0093_01C986C5.E9E1D2E0" X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcmG79FLZoVBw9fSQpWPkonkQPIUMw== Content-Language: en-us X-Scanned-By: MIMEDefang 2.42 X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Feb 2009 17:43:34 -0000 This is a multipart message in MIME format. ------=_NextPart_000_0093_01C986C5.E9E1D2E0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Towards Kerberizing Web Identity and Services: a new publication from the MIT Kerberos Consortium One of the major goals of the MIT Kerberos Consortium (KIT-KC) is to establish Kerberos as a ubiquitous authentication mechanism on the Internet and also to make Kerberos appropriate for new environments. One of the key efforts within the MIT-KC directed at this goal is the Kerberos-on-the-Web (Kerb-Web) project. The Kerberos-on-the-web project seeks initially to investigate the various aspects of the development and deployment of Kerberos within the Web space. This includes, among others: (a) the use of the Kerberos authentication paradigm within the context of web-authentication and web-services security, (b) the possible architecture integration and interactions between the Kerberos infrastructure and web-services security infrastructure, (c) the possible enhancements of the Kerberos authentication protocol and Kerberos token in order to address the requirements for Single-Sign-On (SSO) on the Web and Web Identity Federation, and (d) the potential re-use of existing Kerberos infrastructure investments in enterprises and other organizations to support the deployment of Kerberos-on-the-Web solutions. In order to provide a starting point and context for discussions going forward regarding Kerberos-on-the-web, the MIT-KC has issued a new publication entitled "Towards Kerberizing Web Identity and Services". This publication can be found in the following location: http://kerberos.org/software/kerbweb.pdf The MIT-KC is seeking feedback and input specifically on this publication. These can be addressed to the MIT-KC strategic advisor (hardjono@mit.edu), addressed to the authors of the publication and/or posted to the new mitkc-web mailing-list (see below). Additionally, as an accompaniment to this new publication the MIT-KC has created a new mailing-list dedicated to Kerberos-on-the-Web. This mailing-list aims to be an open venue where issues and challenges in bringing Kerberos to the Web can be discussed. http://mailman.mit.edu/mailman/listinfo/mitkc-web ------------------------------------------------------------ ------=_NextPart_000_0093_01C986C5.E9E1D2E0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

 

Towards Kerberizing Web Identity and Services: a = new publication from the MIT Kerberos Consortium

 

 

One of the major goals of the MIT Kerberos = Consortium (KIT-KC) is to establish Kerberos as a ubiquitous authentication = mechanism on the Internet and also to make Kerberos appropriate for new environments. = One of the key efforts within the MIT-KC directed at this goal is the = Kerberos-on-the-Web (Kerb-Web) project.

 

The Kerberos-on-the-web project seeks initially to investigate the various aspects of the development and deployment of = Kerberos within the Web space. This includes, among others:

(a) the use of the Kerberos authentication paradigm = within the context of web-authentication and web-services = security,

(b) the possible architecture integration and = interactions between the Kerberos infrastructure and web-services security = infrastructure,

(c) the possible enhancements of the Kerberos = authentication protocol and Kerberos token in order to address the requirements for Single-Sign-On (SSO) on the Web and Web Identity Federation, = and

(d) the potential re-use of existing Kerberos = infrastructure investments in enterprises and other organizations to support the = deployment of Kerberos-on-the-Web solutions.

 

In order to provide a starting point and context = for discussions going forward regarding Kerberos-on-the-web, the MIT-KC has = issued a new publication entitled “Towards Kerberizing Web Identity = and Services”. This publication can be found in the following = location:

 

http://kerberos.org/sof= tware/kerbweb.pdf

 

The MIT-KC is seeking feedback and input = specifically on this publication. These can be addressed to the MIT-KC strategic advisor = (hardjono@mit.edu), addressed to the = authors of the publication and/or posted to the new mitkc-web mailing-list (see = below).

 

Additionally, as an accompaniment to this new = publication the MIT-KC has created a new mailing-list dedicated to = Kerberos-on-the-Web. This mailing-list aims to be an open venue where issues and challenges = in bringing Kerberos to the Web can be discussed.

 

http://mailman= .mit.edu/mailman/listinfo/mitkc-web

 

-------------------------------------------------------= -----

 

 

 

 

------=_NextPart_000_0093_01C986C5.E9E1D2E0-- From root@core3.amsl.com Tue Feb 17 15:00:01 2009 Return-Path: X-Original-To: kitten@ietf.org Delivered-To: kitten@core3.amsl.com Received: by core3.amsl.com (Postfix, from userid 0) id 3CBAA3A6964; Tue, 17 Feb 2009 15:00:01 -0800 (PST) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Subject: I-D ACTION:draft-ietf-kitten-rfc2853bis-05.txt Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20090217230001.3CBAA3A6964@core3.amsl.com> Date: Tue, 17 Feb 2009 15:00:01 -0800 (PST) Cc: kitten@ietf.org X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 23:00:01 -0000 --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Kitten (GSS-API Next Generation) Working Group of the IETF. Title : Generic Security Service API Version 2 : Java Bindings Update Author(s) : M. Upadhyay, S. Malkani Filename : draft-ietf-kitten-rfc2853bis-05.txt Pages : 95 Date : 2009-2-16 The Generic Security Services Application Program Interface (GSS-API)offers application programmers uniform access to security services atop a variety of underlying cryptographic mechanisms. This document updates the Java bindings for the GSS-API that are specified in "Generic Security Service API version 2 : Java Bindings" (RFC2853). This document obsoletes RFC 2853 by making specific and incremental clarifications and corrections to it in response to identification of transcription errors and implementation experience. The GSS-API is described at a language independent conceptual level in "Generic Security Service Application Program Interface Version 2, Update 1" (RFC2743). The GSS-API allows a caller application to authenticate a principal identity, to delegate rights to a peer, and to apply security services such as confidentiality and integrity on a per-message basis. Examples of security mechanisms defined for GSS- API are "The Simple Public-Key GSS-API Mechanism" (RFC2025) and "The Kerberos Version 5 GSS-API Mechanism (RFC4121). A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-kitten-rfc2853bis-05.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-kitten-rfc2853bis-05.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2009-2-17145906.I-D@ietf.org> --NextPart-- From Shawn.Emery@Sun.COM Wed Feb 25 22:05:41 2009 Return-Path: X-Original-To: kitten@core3.amsl.com Delivered-To: kitten@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5671B3A6BB9 for ; Wed, 25 Feb 2009 22:05:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.046 X-Spam-Level: X-Spam-Status: No, score=-6.046 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6ndqUYEgZSKy for ; Wed, 25 Feb 2009 22:05:40 -0800 (PST) Received: from brmea-mail-2.sun.com (brmea-mail-2.Sun.COM [192.18.98.43]) by core3.amsl.com (Postfix) with ESMTP id 620763A6898 for ; Wed, 25 Feb 2009 22:05:40 -0800 (PST) Received: from fe-amer-09.sun.com ([192.18.109.79]) by brmea-mail-2.sun.com (8.13.6+Sun/8.12.9) with ESMTP id n1Q65xkT002455 for ; Thu, 26 Feb 2009 06:05:59 GMT MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-type: text/plain; format=flowed; charset=ISO-8859-1 Received: from conversion-daemon.mail-amer.sun.com by mail-amer.sun.com (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 23 2008)) id <0KFN00C00SWZZD00@mail-amer.sun.com> for kitten@ietf.org; Wed, 25 Feb 2009 23:05:59 -0700 (MST) Received: from [10.0.0.5] ([unknown] [67.190.47.79]) by mail-amer.sun.com (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 23 2008)) with ESMTPSA id <0KFN008HQSXZOZB0@mail-amer.sun.com> for kitten@ietf.org; Wed, 25 Feb 2009 23:05:59 -0700 (MST) Date: Wed, 25 Feb 2009 23:04:46 -0700 From: Shawn M Emery Subject: IETF 74 Agenda Sender: Shawn.Emery@Sun.COM To: kitten@ietf.org Message-id: <49A630FE.8020305@sun.com> User-Agent: Thunderbird 2.0.0.18 (X11/20081125) X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Feb 2009 06:05:41 -0000 Please review the meeting agenda for IETF 74: http://www.ietf.org/proceedings/09mar/agenda/kitten.txt and let us know if you would like to add or change anything. Shawn and Alexey kitten co-chairs --