Skip to main content

Name Attributes for the GSS-API Extensible Authentication Protocol (EAP) Mechanism

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    abfab mailing list <>,
    abfab chair <>
Subject: Protocol Action: 'Name Attributes for the GSS-API EAP mechanism' to Proposed Standard (draft-ietf-abfab-gss-eap-naming-07.txt)

The IESG has approved the following document:
- 'Name Attributes for the GSS-API EAP mechanism'
  (draft-ietf-abfab-gss-eap-naming-07.txt) as Proposed Standard

This document is the product of the Application Bridging for Federated
Access Beyond web Working Group.

The IESG contact persons are Stephen Farrell and Sean Turner.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

   The naming extensions to the Generic Security Services Application
   Programming interface provide a mechanism for applications to
   discover authorization and personalization information associated
   with GSS-API names. The Extensible Authentication Protocol GSS-API
   mechanism allows an Authentication/Authorization/Accounting peer to
   provide authorization attributes along side an authentication
   response. It also provides mechanisms to process Security Assertion
   Markup Language (SAML) messages provided in the AAA response. This
   document describes the necessary information to use the naming
   extensions API to access that information.

Working Group Summary

   There was nothing particularly rough about the consensus. All contentious points
   were resolved amiably.

Document Quality

   The protocol is in use in the Moonshot project. Jim Schaad provided a very thorough
   review that resulted in a number of changes to the document. The document was also
   socialized in Kitten.


  Klaas Wierenga is the document shepherd
  Stephen Farrell is the irresponsible AD

RFC Editor Note