I-D ACTION:draft-haller-auth-requirements-03.txt

Internet-Drafts@CNRI.Reston.VA.US Mon, 07 March 1994 16:49 UTC

Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: IETF-Announce:;
Sender: ietf-announce-request@IETF.CNRI.Reston.VA.US
From: Internet-Drafts@CNRI.Reston.VA.US
Reply-to: Internet-Drafts@CNRI.Reston.VA.US
Subject: I-D ACTION:draft-haller-auth-requirements-03.txt
Date: Mon, 07 Mar 1994 11:42:01 -0500
Message-ID: <9403071142.aa08229@IETF.CNRI.Reston.VA.US>

A Revised Internet-Draft is available from the on-line Internet-Drafts 
directories.                                                               

       Title     : Internet Authentication Guidelines                      
       Author(s) : N. Haller, R. Atkinson
       Filename  : draft-haller-auth-requirements-03.txt
       Pages     : 14
       Date      : 03/03/1994

The authentication requirements of computing systems and network protocols 
vary greatly with their intended use, accessibility, and their network 
connectivity.  This document describes a spectrum of authentication 
technologies and provides guidance to protocol developers on what kinds of 
authentication might be suitable for what kinds of protocols and 
applications used in the Internet.  

Disclosing passwords, which are vulnerable to passive attack, are not strong
enough to be appropriate in the current Internet.  Further, there is ample 
evidence that both passive and active attacks are not uncommon in the 
current Internet.  The authors of this paper believe that many protocols 
used in the Internet should have stronger authentication mechanisms so that 
they are at least protected from passive attacks. Support for authentication
mechanisms secure against active attack is clearly desirable in 
internetworking protocols. 

There are a number of dimensions to the internetwork authentication problem 
and, in the interest of brevity and readability, this document only describes
some of them.  However, factors that a protocol designer should consider 
include whether authentication is between machines or between a human and 
a machine, whether the authentication is local only or distributed across a 
network, strength of the authentication mechanism, and how keys are managed.         

Internet-Drafts are available by anonymous FTP.  Login with the	
username "anonymous" and password "guest".  After logging in,
Type "cd internet-drafts".
     "get draft-haller-auth-requirements-03.txt".
 
Internet-Drafts directories are located at:	
	                                                
     o  US East Coast                            
        Address:  ds.internic.net (198.49.45.10)	
	                                                
     o  US West Coast                            
        Address:  venera.isi.edu (128.9.0.32)  	
	                                                
     o  Pacific Rim                              
        Address:  munnari.oz.au (128.250.1.21)	
	                                                
     o  Europe                                   
        Address:  nic.nordu.net (192.36.148.17)	
	                                                
Internet-Drafts are also available by mail.	
	                                                
Send a message to:  mailserv@ds.internic.net. In the body type: 
     "FILE /internet-drafts/draft-haller-auth-requirements-03.txt".
							
For questions, please mail to Internet-Drafts@cnri.reston.va.us.
							

Below is the data which will enable a MIME compliant Mail Reader 
implementation to automatically retrieve the ASCII version
of the Internet-Draft.

ftp://ds.internic.net/internet-drafts/draft-haller-auth-requirements-03.txt"><ftp://ds.internic.net/internet-drafts/draft-haller-auth-requirements-03.txt>

I-D ACTION:draft-haller-auth-requirements-03.txt Internet-Drafts