[xmppwg] [Fwd: WG Last Call: draft-ietf-sasl-gssapi-04.txt]

Peter Saint-Andre stpeter at jabber.org
Wed Apr 12 11:44:20 CDT 2006


This may be of interest, since I know that some XMPP implementations use
the Kerberos V5 ("GSSAPI") SASL mechanism.

To review the document, go here:

http://www.ietf.org/internet-drafts/draft-ietf-sasl-gssapi-04.txt

Speaking of Kerberos, one XMPP implementor recently mentioned to me that
in some architectures it may be necessary to include an attribute on the
<mechanism/> element sent by the receiving entity (server) to the
initiating entity (client or server) in order to specify the service
principal name to which the initiating entity is connected. (E.g., an
XMPP server deployment may have multiple connection managers and the
initiating entity needs to know which one it is connected to in order to
properly request its Kerberos credentials.) So we might have something
like this:

   <stream:features>
     <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
       <mechanism spn='CM1.EXAMPLE.COM'>GSSAPI</mechanism>
       <mechanism>DIGEST-MD5</mechanism>
     </mechanisms>
   </stream:features>

Where the value of the 'spn' attribute is a PrincipalName (preferably
using the "domain" style) that conforms to the format defined in RFC 4120.

Peter


-------- Original Message --------
Subject: WG Last Call: draft-ietf-sasl-gssapi-04.txt
Date: Wed, 12 Apr 2006 08:46:48 -0700
From: Kurt D. Zeilenga <Kurt at OpenLDAP.org>
To: ietf-sasl at imc.org


This message initiates a SASL Working Group Last Call on the
document:

  Title:     The Kerberos V5 ("GSSAPI") SASL mechanism
  Editor:    A. Melnikov
  Filename:  draft-ietf-sasl-gssapi-04.txt

The purpose of this WG Last Call is to ensure that the Working
Group has achieved consensus that the document is suitable for
publication on the Standards Track.

Please review the document for both technical and editorial
problems.  Technical issues should be discussed on this list.
Editorial issues may be sent to the document editor.  In
the case that a reviewer finds no technical issues, the
reviewer should send a note to the WG chairs indicating
so.

The Last Call period will close on Friday, 28 April 2006.

Upon completion of the WG Last Call, the WG chair(s) will take
action based upon the consensus of the WG.  Possible actions
include:

  1) recommending to the IETF Security Area Directors
     that the document, after possible editorial or
     other minor changes, be considered by the IESG
     for publication as a Standard Track RFC; or

  2) requiring that outstanding issues be adequately
     addressed prior to further action (including,
     possibly, another WG Last Call).

Remember that it is our responsibility as Working Group members
to ensure the quality of our documents.  So, please read and
comment!

Kurt Zeilenga, SASL WG co-chair
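
An added example (not part of the original message or of any XMPP specification) of how an initiating entity could read the proposed 'spn' attribute and check it before requesting Kerberos credentials, since the features are received before authentication and the value is therefore server-supplied input. The policy that the advertised name must lie inside the domain the client meant to connect to, and the function names, are assumptions made for illustration; the sample is the stanza from the message with the stream prefix declared so it parses on its own.

```python
import xml.etree.ElementTree as ET

SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"

# Constructed sample: the features shown in the message, plus an
# xmlns:stream declaration so the fragment is well-formed by itself.
SAMPLE = """<stream:features xmlns:stream='http://etherx.jabber.org/streams'>
  <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
    <mechanism spn='CM1.EXAMPLE.COM'>GSSAPI</mechanism>
    <mechanism>DIGEST-MD5</mechanism>
  </mechanisms>
</stream:features>"""


def offered_mechanisms(features_xml):
    """Map each offered SASL mechanism name to its 'spn' attribute (or None)."""
    root = ET.fromstring(features_xml)
    offered = {}
    for mech in root.iter("{%s}mechanism" % SASL_NS):
        name = (mech.text or "").strip()
        if name:
            offered[name] = mech.get("spn")  # proposed attribute, may be absent
    return offered


def gssapi_target(features_xml, connected_domain):
    """Return the host to request Kerberos credentials for, or None.

    None means GSSAPI was not offered. Without an 'spn' attribute the
    domain the client connected to is used. An advertised name outside
    that domain is rejected (hypothetical local policy) so that a
    pre-authentication stanza cannot steer the ticket request elsewhere.
    """
    offered = offered_mechanisms(features_xml)
    if "GSSAPI" not in offered:
        return None
    domain = connected_domain.strip().lower().rstrip(".")
    spn = offered["GSSAPI"]
    if spn is None:
        return domain
    host = spn.strip().lower().rstrip(".")
    if host != domain and not host.endswith("." + domain):
        raise ValueError("advertised spn %r is outside %r" % (spn, domain))
    return host


if __name__ == "__main__":
    print(offered_mechanisms(SAMPLE))
    print(gssapi_target(SAMPLE, "example.com"))
```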

