Concluded WG Common Authentication Technology (cat)
Note: The data for concluded WGs is occasionally incorrect.
WG | Name | Common Authentication Technology | |
---|---|---|---|
Acronym | cat | ||
Area | Security Area (sec) | ||
State | Concluded | ||
Charter | charter-ietf-cat-01 Approved | ||
Document dependencies | |||
Personnel | Chair | John Linn | |
Mailing list | Address | ietf-cat-wg@lists.stanford.edu | |
To subscribe | ietf-cat-wg-request@lists.stanford.edu | ||
Archive | ftp://ftp.ietf.org/ietf-mail-archive/cat/ |
Final Charter for Working Group
The goal of the Common Authentication Technology (CAT) Working Group is
to provide distributed security services (which have included
authentication, integrity, and confidentiality, and may broaden to
include authorization) to a variety of protocol callers in a manner
which insulates those callers from the specifics of underlying security
mechanisms.
By separating security implementation tasks from the tasks of
integrating security data elements into caller protocols, those tasks
can be partitioned and performed separately by implementors with
different areas of xpertise. This provides leverage for the IETF
community's security-oriented resources, and allows protocol
implementors to focus on the functions their protocols are designed to
provide rather than on characteristics of security mechanisms. CAT seeks
to encourage uniformity and modularity in security approaches,
supporting the use of common techniques and accommodating evolution of
underlying technologies.
In support of these goals, the working group pursues several
interrelated tasks. We have defined a common service interface (GSS-API)
allowing callers to invoke security services in association-oriented
environments, with an associated token format identifying the security
mechanism being employed. Existing documents provide C language bindings
for GSS-API; currently ongoing work is defining bindings for Java.
Authorization interfaces are currently being evaluated as a related area
for follow-on work, with the level of achievable portability an
important consideration. The CAT Working Group also defines supporting
mechanisms to provide security services; current activity includes
specification of "low-infrastructure" mechanisms to support ease of
deployment and use.
Done milestones
Date | Milestone | Associated documents |
---|---|---|
Done | Review status of ongoing active projects. | |
Done | Submit GSS-V2 Java service provider interface document to IESG for consideration as Proposed Standard. | |
Done | Submit GSS-V2 Java bindings specification to IESG for consideration as Proposed Standard. | |
Done | Determine direction and intent re progressing low-infrastructure mechanism definitions. | |
Done | Determine direction and intent re progressing authorization interfaces. | |
Done | Progress Internet-Draft and RFC publication of mechanism-level documents to support independent, interoperable implementations of CAT-supporting mechanisms. | |
Done | Submit GSS-V2 C bindings document to IESG for consideration as a Proposed Standard. | |
Done | Issue Internet-Draft representing updated version of RFC-2078, aligned with GSS-V2 C bindings Internet-Draft. | |
Done | Submit Negotiated Mechanism document to IESG for consideration as a Proposed Standard | |
Done | Plan next phase of activities, with particular attention to scope and tasking for authorization, store and forward protection support, and additional mechanisms. | |
Done | Submit GSS-V2 to IESG for consideration as a Proposed Standard. | |
Done | Submit service interface specification to to the IESG for consideration as a Proposed Standard. | |
Done | Second IETF meeting: Review distributed documents and status of related activities, continue consulting liaisons. Discuss features and characteristics of underlying mechanisms. Define scope and schedule for follow-on work. | |
Done | Update mechanism-independent Internet-Drafts in response to issues raised, distribute additional mechanism-specific documentation including Distributed Authentication Services architectural description and terms/conditions for use of the technology documented therein. | |
Done | First IETF meeting as full working group: review charter distribute documents, and status of related implementation, integration, and consulting liaison activities. Schedule follow-on tasks, including documentation plan for specific CAT-supporting security mechanisms. | |
Done | Distribute Generic Security Service Application Program Interface (GSS-API) documentation through Internet-Draft process. | |
Done | Preliminary BOF session at IETF meeting, discussions with TELNET and Network Printing Working Groups. |