The Channel Conjunction Mechanism (CCM) for GSS
draft-ietf-nfsv4-ccm-03

Document Type Expired Internet-Draft (nfsv4 WG)
Last updated 2004-07-12
Stream IETF
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-nfsv4-ccm-03.txt

Abstract

This document describes a suite of new mechanisms under the GSS [RFC2743]. Some protocols, such as RPCSEC_GSS [RFC2203], use GSS to authenticate every message transfer, thereby incurring significant overhead due to the costs of cryptographic computation. While hardware-based cryptographic accelerators can mitigate such overhead, it is more likely that acceleration will be available for lower layer protocols, such as IPsec [RFC2401] than for upper layer protocols like RPCSEC_GSS. CCM can be used as a way to allow GSS mechanism- independent upper layer protocols to leverage the data stream protections of lower layer protocols, without the inconvenience of modifying the upper layer protocol to do so.

Authors

Mike Eisler (email2mre-ietf@yahoo.com)
Nevin Williams (nevin@corp.home.net)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)