HTTP Authentication: SPNEGO Access Authentication As implemented in Microsoft Windows 2000
draft-brezak-spnego-http-04
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | John Brezak | ||
Last updated | 2002-10-16 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes how the Microsoft Internet Explorer (MSIE) and Internet Information Services (IIS) incorporated in Microsoft Windows 2000 use Kerberos for security enhancements of web transactions. The HTTP auth-scheme of 'negotiate' is defined here; when the negotiation results in the selection of Kerberos, the security services of authentication and optionally impersonation are performed. This document explains how HTTP authentication utilizes the SPNEGO [7] GSSAPI mechanism. Details of SPNEGO implementation are not provided in this document.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)