rsalz@bbn.com (Rich Salz) (06/07/91)
Path: papaya.bbn.com!bbn.com!gateway!TIS.COM!galvin
From: galvin@TIS.COM (James M Galvin)
Newsgroups: bbn.internet.ietf
Subject: NEW Security Area WG: Common Authentication Technology
Message-ID: <9106062352.AA27337@TIS.COM>
Date: 6 Jun 91 23:52:00 GMT
Sender: news@bbn.com
Reply-To: James M Galvin <galvin@tis.com>
Organization: BBN news/mail gateway
Lines: 76
Enclosed below is the charter for a new security area working group.
This group met as a BOF in St. Louis. The mailing list for the working
group has been "initialized" with the attendance list from that BOF
meeting.
Jim
--------
Common Authentication Technology (cat)
Charter
Chair(s):
John Linn, linn@zendia.enet.dec.com
Mailing Lists:
General Discussion: cat-ietf@mit.edu
To Subscribe: cat-ietf-request@mit.edu
Mail Archive: /cat-ietf/archive@bitsy.mit.edu
Description of Working Group:
The goal of the Common Authentication Technology Working Group
is to provide strong authentication to a variety of protocol
callers in a manner which insulates those callers from the
specifics of underlying security mechanisms. By separating
security implementation tasks from the tasks of integrating
security data elements into caller protocols, those tasks can
be partitioned and performed separately by implementors with
different areas of expertise. This provides leverage for the
IETF community's security-oriented resources, and allows
protocol implementors to focus on the functions their protocols
are designed to provide rather than on characteristics of
security mechanisms. CAT seeks to encourage uniformity and
modularity in security approaches, supporting the use of common
techniques and accomodating evolution of underlying
technologies.
In support of these goals, the Working Group will pursue several
interrelated tasks. We will work towards agreement on a common
service interface allowing callers to invoke security services
implemented with underlying secret-key and public-key mechanisms,
and towards agreement on a common authentication token format,
incorporating means to identify the mechanism type in conjunction
with which authentication data elements should be interpreted. The
CAT Working Group will consult with other IETF Working Groups
responsible for candidate caller protocols, pursuing and supporting
design refinements as appropriate.
Goals and Milestones:
Done Preliminary BOF session at IETF meeting, discussions with
Telnet and Network Printing Working Groups.
Jun 1991 Distribute Generic Security Service Application Program
Interface (GSS-API) documentation through Internet-Draft
process.
Jul 1991 First IETF meeting as full Working Group: review Charter,
distribute documents, and status of related implementation,
integration, and consulting liaison activities. Schedule
follow-on tasks, including documentation plan for specific
CAT-supporting security mechanisms.
Oct 1991 Update mechanism-independent Internet Drafts in response to
issues raised, distribute mechanism-specific documentation.
Nov 1991 Second IETF meeting: Review distributed documents and status
of related activities, continue consulting liaisons. Define
scope and schedule for follow-on work.
Dec 1991 Submit service interface specification to RFC standards
track.
Ongoing Progress Internet Draft and RFC publication of
mechanism-level documents to support independent,
interoperable implementations of CAT-supporting mechanisms.