IPP Mail Archive: IPP> FW: [ietf-tls] I-D ACTION:draft-ietf-

IPP Mail Archive: IPP> FW: [ietf-tls] I-D ACTION:draft-ietf-

IPP> FW: [ietf-tls] I-D ACTION:draft-ietf-tls-kerb-00.txt

From: Manros, Carl-Uno B (cmanros@cp10.es.xerox.com)
Date: Thu Nov 09 2000 - 12:03:20 EST

  • Next message: McDonald, Ira: "RE: IPP> DRV - Client Print Support Files Internet-Draftdown-load ed"


    I know that some of you have expressed interest in learning if we can use
    Kerberos in IPP.

    I believe that the answer can be found in this new draft from the TLS WG.

    I expect that if you use TLS with IPP, you should also be able to use
    Kerberos, without the need for IPP to write any further specs.

    Please correct me if you think I am wrong!


    Carl-Uno Manros
    Manager, Print Services
    Xerox Architecture Center - Xerox Corporation
    701 S. Aviation Blvd., El Segundo, CA, M/S: ESAE-231
    Phone +1-310-333 8273, Fax +1-310-333 5514
    Email: manros@cp10.es.xerox.com

    -----Original Message-----
    From: Internet-Drafts@ietf.org [mailto:Internet-Drafts@ietf.org]
    Sent: Thursday, November 09, 2000 3:21 AM
    To: IETF Transport Layer Security WG
    Cc: ietf-tls@lists.certicom.com
    Subject: [ietf-tls] I-D ACTION:draft-ietf-tls-kerb-00.txt

    A New Internet-Draft is available from the on-line Internet-Drafts
    This draft is a work item of the Transport Layer Security Working Group of
    the IETF.

            Title : Kerberos Cipher Suites in Transport Layer Security
            Author(s) : M. Hur, A. Medvinsky
            Filename : draft-ietf-tls-kerb-00.txt
            Pages :
            Date : 08-Nov-00
    RFC 2712 [KERBTLS] introduced mechanisms for supporting Kerberos
    [KERB] authentication within the TLS protocol [TLS]. This document
    extends RFC 2712 to support delegation of Kerberos credentials. In
    this way, a TLS server may obtain a Kerberos service ticket on behalf
    of the TLS client. Thus, a single client identity may be used for
    authentication within a multi-tier architecture. This draft also
    proposes a mechanism for a TLS server to indicate Kerberos-specific
    information to the client within the certificate request message in
    the initial exchange.

    A URL for this Internet-Draft is:

    Internet-Drafts are also available by anonymous FTP. Login with the username
    "anonymous" and a password of your e-mail address. After logging in,
    type "cd internet-drafts" and then
            "get draft-ietf-tls-kerb-00.txt".

    A list of Internet-Drafts directories can be found in
    or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

    Internet-Drafts can also be obtained by e-mail.

    Send a message to:
    In the body type:
            "FILE /internet-drafts/draft-ietf-tls-kerb-00.txt".
    NOTE: The mail server at ietf.org can return the document in
            MIME-encoded form by using the "mpack" utility. To use this
            feature, insert the command "ENCODING mime" before the "FILE"
            command. To decode the response(s), you will need "munpack" or
            a MIME-compliant mail reader. Different MIME-compliant mail readers
            exhibit different behavior, especially when dealing with
            "multipart" MIME messages (i.e. documents which have been split
            up into multiple messages), so check your local documentation on
            how to manipulate these messages.
    Below is the data which will enable a MIME compliant mail reader
    implementation to automatically retrieve the ASCII version of the

    attached mail follows:

    • message/external-body attachment: stored

    • text/plain attachment: footer

    This archive was generated by hypermail 2b29 : Thu Nov 09 2000 - 12:13:55 EST