[SECMECH] Generally Usable Authentication Mechanisms

"Salowey, Joe" <jsalowey@cisco.com> Wed, 29 June 2005 20:50 UTC

Received: from localhost.localdomain ([] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DnjVu-0001yB-Vu; Wed, 29 Jun 2005 16:50:31 -0400
Received: from odin.ietf.org ([] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DnjVr-0001y4-R8 for secmech@megatron.ietf.org; Wed, 29 Jun 2005 16:50:28 -0400
Received: from ietf-mx.ietf.org (ietf-mx []) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA24163 for <secmech@ietf.org>; Wed, 29 Jun 2005 16:50:25 -0400 (EDT)
Received: from sj-iport-3-in.cisco.com ([] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DnjvT-0007J6-RW for secmech@ietf.org; Wed, 29 Jun 2005 17:16:57 -0400
Received: from sj-core-1.cisco.com ( by sj-iport-3.cisco.com with ESMTP; 29 Jun 2005 13:50:16 -0700
X-IronPort-AV: i="3.93,243,1115017200"; d="scan'208"; a="284381244:sNHT3518041042"
Received: from E2K-SEA-XCH2.sea-alpha.cisco.com (e2k-sea-xch2.cisco.com []) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j5TKoFvM004425 for <secmech@ietf.org>; Wed, 29 Jun 2005 13:50:16 -0700 (PDT)
X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 29 Jun 2005 13:54:32 -0700
Message-ID: <7210B31550AC934A8637D6619739CE69056DD3D5@e2k-sea-xch2.sea-alpha.cisco.com>
Thread-Topic: Generally Usable Authentication Mechanisms
Thread-Index: AcV87Can8ULd6eIfSJK0iux2ksw5gw==
From: "Salowey, Joe" <jsalowey@cisco.com>
To: <secmech@ietf.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 79899194edc4f33a41f49410777972f8
Content-Transfer-Encoding: quoted-printable
Subject: [SECMECH] Generally Usable Authentication Mechanisms
X-BeenThere: secmech@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security mechanisms BOF <secmech.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/secmech>
List-Post: <mailto:secmech@lists.ietf.org>
List-Help: <mailto:secmech-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=subscribe>
Sender: secmech-bounces@lists.ietf.org
Errors-To: secmech-bounces@lists.ietf.org

Generally Usable Authentication Mechanisms

We have several frameworks (EAP, GSS-API and SASL) that provide access
to multiple security mechanisms.  Each of these frameworks have
developed to focus on different environments and has strengths in
different areas, however at the core they are trying to reach the same
goal of authentication and cryptographic context establishment.  We
should be able to develop a mechanisms once as a generally useful
mechanism and have it work in any of these frameworks.  The requirements
for a generally useful mechanisms are a superset of the requirements of
the individual frameworks.  I have tried to collect some of these ideas
and requirements in draft-salowey-guam-00.txt.  


Comments on this approach?



SECMECH mailing list