Document in preparation, info page

These docs are under construction, please do not copy from or refer to them without first consulting the author(s)

Authentication Framework, GAAAPI, bindings, cookies

author(s): Joe Salowey, John Vollbrecht, Standish Stewart, Eric Brunner

Kerberos Authentication schemes for the different Authorisation models by Standish Stewart: ppt slides
-----
(Joe) Here are some links I've been looking at recently that might be useful. I
hope I got this message to people who were on the call this week. I added
Axel Nennker to the list because he expressed interest in the Security
related AAA work.

http://search.ietf.org/internet-drafts/draft-ietf-cat-acc-cntrl-frmw-04.txt
http://search.ietf.org/internet-drafts/draft-ietf-cat-gaa-cbind-04.txt

GAAAPI (Generic authorization and Access contol API)
These documents describe this API. John, Standish and I are looking into
how this integrates into our examples.

http://www.opennc.org/security/l2-auth.htm

The Open Groups is working on a similar authorization API

http://www.isi.edu/people/bcn/papers/pdf/9305_proxy-pbaa-neuman-icdcs93.pdf

Cliff Neuman's paper on Proxy-Based Authorization and Accounting for
Distributed Systems which talks somewhat about delegation.

http://www.ietf.org/rfc/rfc2693.txt

SPKI Certificate Theory talks a little about delegation, authentication and
authorization.

http://www.ietf.org/internet-drafts/draft-ietf-http-state-man-mec-12.txt
HTTP cookie draft (state management).

http://search.ietf.org/internet-drafts/draft-jaye-http-trust-state-mgt-01.txt
trust mechanism for state management (cookies, yum!)

http://search.ietf.org/internet-drafts/draft-iesg-http-cookies-03.txt

This is the IESG position message on the use of HTTP cookies. They do
mention authentication in 2.2.2 and in other places.

Draft:

Authors: Tatyana Ryutov and Clifford Neuman
Title: (untitled)
Handle: draft-ietf-cat-acc-cntrl-frmw-03.txt

CdL - aug 31th 2000

Visitors of this page:

AAAARCH