I know that some of you have expressed interest in learning if we can use
Kerberos in IPP.
I believe that the answer can be found in this new draft from the TLS WG.
I expect that if you use TLS with IPP, you should also be able to use
Kerberos, without the need for IPP to write any further specs.
Please correct me if you think I am wrong!
Manager, Print Services
Xerox Architecture Center - Xerox Corporation
701 S. Aviation Blvd., El Segundo, CA, M/S: ESAE-231
Phone +1-310-333 8273, Fax +1-310-333 5514
From: Internet-Drafts@ietf.org [mailto:Internet-Drafts@ietf.org]
Sent: Thursday, November 09, 2000 3:21 AM
To: IETF Transport Layer Security WG
Subject: [ietf-tls] I-D ACTION:draft-ietf-tls-kerb-00.txt
A New Internet-Draft is available from the on-line Internet-Drafts
This draft is a work item of the Transport Layer Security Working Group of
Title : Kerberos Cipher Suites in Transport Layer Security
Author(s) : M. Hur, A. Medvinsky
Filename : draft-ietf-tls-kerb-00.txt
Date : 08-Nov-00
RFC 2712 [KERBTLS] introduced mechanisms for supporting Kerberos
[KERB] authentication within the TLS protocol [TLS]. This document
extends RFC 2712 to support delegation of Kerberos credentials. In
this way, a TLS server may obtain a Kerberos service ticket on behalf
of the TLS client. Thus, a single client identity may be used for
authentication within a multi-tier architecture. This draft also
proposes a mechanism for a TLS server to indicate Kerberos-specific
information to the client within the certificate request message in
the initial exchange.
A URL for this Internet-Draft is:
Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
Internet-Drafts can also be obtained by e-mail.
Send a message to:
In the body type:
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
attached mail follows:
This archive was generated by hypermail 2b29 : Thu Nov 09 2000 - 12:13:55 EST