RFC 5178

Generic Security Service Application Program Interface (GSS-API) Internationalization and Domain-Based Service Names and Name Type, May 2008

Canonical URL:
https://www.rfc-editor.org/rfc/rfc5178.txt
File formats:
Plain TextPDF
Status:
PROPOSED STANDARD
Authors:
N. Williams
A. Melnikov
Stream:
IETF
Source:
kitten (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC5178

Discuss this RFC: Send questions or comments to kitten@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document describes domain-name-based service principal names and the corresponding name type for the Generic Security Service Application Programming Interface (GSS-API). Internationalization of the GSS-API is also covered. Domain-based service names are similar to host-based service names, but using a domain name (not necessarily an Internet domain name) in addition to a hostname. The primary purpose of domain-based names is to provide a measure of protection to applications that utilize insecure service discovery protocols. This is achieved by providing a way to name clustered services after the "domain" which they service, thereby allowing their clients to authorize the service's servers based on authentication of their service names. [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×