summaryrefslogtreecommitdiff
path: root/doc/standardisation/draft-ietf-kitten-gssapi-channel-bindings-00.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/standardisation/draft-ietf-kitten-gssapi-channel-bindings-00.txt')
-rw-r--r--doc/standardisation/draft-ietf-kitten-gssapi-channel-bindings-00.txt784
1 files changed, 0 insertions, 784 deletions
diff --git a/doc/standardisation/draft-ietf-kitten-gssapi-channel-bindings-00.txt b/doc/standardisation/draft-ietf-kitten-gssapi-channel-bindings-00.txt
deleted file mode 100644
index b7bcc7c5e..000000000
--- a/doc/standardisation/draft-ietf-kitten-gssapi-channel-bindings-00.txt
+++ /dev/null
@@ -1,784 +0,0 @@
-
-KITTEN WG N. Williams
-Internet-Draft Sun
-Expires: December 30, 2004 July 2004
-
-
- Clarifications and Extensions to the GSS-API for the Use of Channel
- Bindings
- draft-ietf-kitten-gssapi-channel-bindings-00.txt
-
-Status of this Memo
-
- By submitting this Internet-Draft, I certify that any applicable
- patent or other IPR claims of which I am aware have been disclosed,
- and any of which I become aware will be disclosed, in accordance with
- RFC 3668.
-
- Internet-Drafts are working documents of the Internet Engineering
- Task Force (IETF), its areas, and its working groups. Note that
- other groups may also distribute working documents as
- Internet-Drafts.
-
- Internet-Drafts are draft documents valid for a maximum of six months
- and may be updated, replaced, or obsoleted by other documents at any
- time. It is inappropriate to use Internet-Drafts as reference
- material or to cite them other than as "work in progress."
-
- The list of current Internet-Drafts can be accessed at
- http://www.ietf.org/ietf/1id-abstracts.txt.
-
- The list of Internet-Draft Shadow Directories can be accessed at
- http://www.ietf.org/shadow.html.
-
- This Internet-Draft will expire on December 30, 2004.
-
-Copyright Notice
-
- Copyright (C) The Internet Society (2004). All Rights Reserved.
-
-Abstract
-
- This document clarifies and generalizes the GSS-API "channel
- bindings" facility. This document also specifies the format of the
- various types of channel bindings.
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 1]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-Table of Contents
-
- 1. Conventions used in this document . . . . . . . . . . . . . . 3
- 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
- 3. Generic Structure for GSS-API Channel Bindings . . . . . . . . 5
- 3.1 Proper Mechanism Use of Channel Bindings . . . . . . . . . 5
- 4. Channel Bindings for SSHv2 . . . . . . . . . . . . . . . . . . 6
- 4.1 GSS_Make_sshv2_channel_bindings() . . . . . . . . . . . . 6
- 4.1.1 C-Bindings . . . . . . . . . . . . . . . . . . . . . . 6
- 5. Channel Bindings for TLS . . . . . . . . . . . . . . . . . . . 7
- 5.1 GSS_Make_tls_channel_bindings() . . . . . . . . . . . . . 7
- 5.1.1 C-Bindings . . . . . . . . . . . . . . . . . . . . . . 7
- 6. Channel Bindings for IPsec . . . . . . . . . . . . . . . . . . 8
- 6.1 GSS_Make_ipsec_channel_bindings() . . . . . . . . . . . . 8
- 6.1.1 C-Bindings . . . . . . . . . . . . . . . . . . . . . . 9
- 7. Security Considerations . . . . . . . . . . . . . . . . . . . 10
- 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
- 8.1 Normative . . . . . . . . . . . . . . . . . . . . . . . . . 11
- 8.2 Informative . . . . . . . . . . . . . . . . . . . . . . . . 11
- Author's Address . . . . . . . . . . . . . . . . . . . . . . . 12
- A. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13
- Intellectual Property and Copyright Statements . . . . . . . . 14
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 2]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-1. Conventions used in this document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC2119].
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 3]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-2. Introduction
-
- The concept of "channel bindings" and the abstract construction of
- channel bindings for several types of channels are described in
- [CHANNEL-BINDINGS]
-
- To actually use channel bindings in GSS-API aplications additional
- details are required that are given below.
-
- First the structure given to channel bindings data in [RFC2744] is
- generalized to all of the GSS-API, not just its C-Bindings.
-
- Then the actual construction of channel bindings to SSHv2, TLS and
- IPsec channels is given.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 4]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-3. Generic Structure for GSS-API Channel Bindings
-
- The base GSS-API v2, update 1 specification [RFC2743]describes
- channel bindings as an OCTET STRING and leaves it to the GSS-API v2,
- update 1 C-Bindings specification to specify the structure of the
- contents of the channel bindings OCTET STRINGs. The C-Bindings
- specification [RFC2744]then defines, in terms of C, what should be
- generic structure for channel bindings. The Kerberos V GSS mechanism
- [RFC1964]then defines a method for encoding GSS channel bindings in a
- way that is independent of the C-Bindings!
-
- In other words, the structure of GSS channel bindings given in
- [RFC2744] is actually generic, rather than specific to the C
- programming language.
-
- Here, then, is a generic re-statement of this structure, in
- pseudo-ASN.1:
-
- GSS-CHANNEL-BINDINGS := SEQUENCE {
- initiator-address-type INTEGER,
- initiator-address OCTET STRING,
- acceptor-address-type INTEGER,
- acceptor-address OCTET STRING,
- application-data OCTET STRING,
- }
-
- The values for the address fields are described in [RFC2744].
-
- Language-specific bindings of the GSS-API should specify a
- language-specific formulation of this structure.
-
-3.1 Proper Mechanism Use of Channel Bindings
-
- As described in [CHANNEL-BINDINGS], GSS mechanisms should exchange
- integrity protected proofs of channel bindings, where the proof is
- obtained by running a strong hash of the channel bindings data
- (encoded as per some mechanism-specific, such as in [RFC1964]) and a
- binary value to represent the initiator->acceptor, and opposite,
- direction.
-
- The encoding of channel bindings used in [RFC1964], with the addition
- of a binary value as described above, and the substitution of SHA-1
- for MD5 is a reasonable, generic encoding of GSS-CHANNEL-BINDINGS
- that any future GSS mechanisms can use.
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 5]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-4. Channel Bindings for SSHv2
-
- The SSHv2 channel bindings are constructed as an octet string for the
- 'application-data' field of the channel bindings by concatenating the
- following values and in this order:
-
- 1. The ASCII string "GSS SSHv2 CB:"
- 2. The SSHv2 session ID
- 3. Any additional application-provided data, encoded as the DER
- encoding of an ASN.1 OCTET STRING
-
-4.1 GSS_Make_sshv2_channel_bindings()
-
- Inputs:
-
- o session_id OCTET STRING,
- o additional_app_data OCTET STRING
-
- Outputs:
-
- o major_status INTEGER,
- o minor_status INTEGER,
- o channel_bindings_app_data OCTET STRING
-
- Return major_status codes:
- o GSS_S_COMPLETE indicates no error.
- o GSS_S_FAILURE indicates failure to construct the channel bindings
- as a result, perhaps, of a memory management, or similar failure.
-
- This function constructs an OCTET STRING for use as the value of the
- application-data field of the GSS-CHANNEL-BINDINGS structure
- described above.
-
-4.1.1 C-Bindings
-
- OM_uint32 gss_make_sshv2_channel_bindings(
- OM_uint32 *minor_status,
- const gss_buffer_t session_id,
- const gss_buffer_t additional_app_data,
- gss_buffer_t channel_bindings_app_data
- );
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 6]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-5. Channel Bindings for TLS
-
- The TLS channel bindings are constructed as an octet string for the
- 'application-data' field of the channel bindings by concatenating the
- following values and in this order:
-
- 1. The ASCII string "GSS TLSv1.0 CB:"
- 2. The TLS finished message sent by the client
- 3. The TLS finished message sent by the server
- 4. Any additional application-provided data, encoded as the DER
- encoding of an ASN.1 OCTET STRING
-
-5.1 GSS_Make_tls_channel_bindings()
-
- Inputs:
-
- o client_finished_msg OCTET STRING,
- o server_finished_msg OCTET STRING,
- o additional_app_data OCTET STRING
-
- Outputs:
-
- o major_status INTEGER,
- o minor_status INTEGER,
- o channel_bindings_app_data OCTET STRING
-
- Return major_status codes:
- o GSS_S_COMPLETE indicates no error.
- o GSS_S_FAILURE indicates failure to construct the channel bindings
- as a result, perhaps, of a memory management, or similar failure.
-
- This function constructs an OCTET STRING for use as the value of the
- application-data field of the GSS-CHANNEL-BINDINGS structure
- described above.
-
-5.1.1 C-Bindings
-
- OM_uint32 gss_make_tls_channel_bindings(
- OM_uint32 *minor_status,
- const gss_buffer_t client_finished_msg,
- const gss_buffer_t server_finished_msg,
- const gss_buffer_t additional_app_data,
- gss_buffer_t channel_bindings_app_data
- );
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 7]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-6. Channel Bindings for IPsec
-
- The IPsec channel bindings are constructed as an octet string for the
- 'application-data' field of the channel bindings by concatenating the
- following values and in this order:
-
- 1. The ASCII string "GSS IPsec CB:"
- 2. The transform ID for encryption, as a 16-bit big-endian word
- 3. The transform ID for integrity protection, as 16-bit in
- big-endian word
- 4. The initiator ID payload as used in the key exchange protocol
- used for setting up the channel's SAs
- 5. The responder ID payload as used in the key exchange protocol
- used for setting up the channel's SAs
- 6. Any additional application-provided data, encoded as the DER
- encoding of an ASN.1 OCTET STRING
-
- Note that traffic selectors are not included. Inclusion of
- confidentiality/integrity algorithms protects against MITMs that can
- compromise weaker algorithms that policy might permit, for the same
- peers, for other traffic.
-
-6.1 GSS_Make_ipsec_channel_bindings()
-
- Inputs:
-
- o encr_alg INTEGER,
- o integ_alg INTEGER,
- o initiator_id OCTET_STRING,
- o acceptor_id OCTET_STRING,
- o additional_app_data OCTET STRING
-
- Outputs:
-
- o major_status INTEGER,
- o minor_status INTEGER,
- o channel_bindings_app_data OCTET STRING
-
- Return major_status codes:
- o GSS_S_COMPLETE indicates no error.
- o GSS_S_FAILURE indicates failure to construct the channel bindings
- as a result, perhaps, of a memory management, or similar failure.
-
- This function constructs an OCTET STRING for use as the value of the
- application-data field of the GSS-CHANNEL-BINDINGS structure
- described above.
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 8]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-6.1.1 C-Bindings
-
- OM_uint32 gss_make_ipsec_channel_bindings(
- OM_uint32 *minor_status,
- OM_uint32 encr_alg,
- OM_uint32 integ_alg,
- const gss_buffer_t initiator_id,
- const gss_buffer_t acceptor_id,
- const gss_buffer_t additional_app_data,
- gss_buffer_t channel_bindings_app_data
- );
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 9]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-7. Security Considerations
-
- For general security considerations relating to channel bindings see
- [CHANNEL-BINDINGS]
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 10]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-8. References
-
-8.1 Normative
-
- [RFC1964] Linn, J., "The Kerberos Version 5 GSS-API Mechanism", RFC
- 1964, June 1996.
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC2743] Linn, J., "Generic Security Service Application Program
- Interface Version 2, Update 1", RFC 2743, January 2000.
-
- [RFC2744] Wray, J., "Generic Security Service API Version 2 :
- C-bindings", RFC 2744, January 2000.
-
-8.2 Informative
-
- [RFC0854] Postel, J. and J. Reynolds, "Telnet Protocol
- Specification", STD 8, RFC 854, May 1983.
-
- [RFC1035] Mockapetris, P., "Domain names - implementation and
- specification", STD 13, RFC 1035, November 1987.
-
- [RFC2025] Adams, C., "The Simple Public-Key GSS-API Mechanism
- (SPKM)", RFC 2025, October 1996.
-
- [RFC2203] Eisler, M., Chiu, A. and L. Ling, "RPCSEC_GSS Protocol
- Specification", RFC 2203, September 1997.
-
- [RFC2478] Baize, E. and D. Pinkas, "The Simple and Protected GSS-API
- Negotiation Mechanism", RFC 2478, December 1998.
-
- [RFC2623] Eisler, M., "NFS Version 2 and Version 3 Security Issues
- and the NFS Protocol's Use of RPCSEC_GSS and Kerberos V5",
- RFC 2623, June 1999.
-
- [RFC3530] Shepler, S., Callaghan, B., Robinson, D., Thurlow, R.,
- Beame, C., Eisler, M. and D. Noveck, "Network File System
- (NFS) version 4 Protocol", RFC 3530, April 2003.
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 11]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-Author's Address
-
- Nicolas Williams
- Sun Microsystems
- 5300 Riata Trace Ct
- Austin, TX 78727
- US
-
- EMail: Nicolas.Williams@sun.com
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 12]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-Appendix A. Acknowledgments
-
- The author would like to thank Mike Eisler for his work on the
- Channel Conjunction Mechanism I-D and for bringing the problem to a
- head, Sam Hartman for pointing out that channel bindings provide a
- general solution to the channel binding problem, Jeff Altman for his
- suggestion of using the TLS finished messages as the TLS channel
- bindings, Bill Sommerfeld, for his help in developing channel
- bindings for IPsec, and Radia Perlman for her most helpful comments.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Williams Expires December 30, 2004 [Page 13]
-
-Internet-Draft GSS-API Channel Bindings July 2004
-
-
-Intellectual Property Statement
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-
-Disclaimer of Validity
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-
-Copyright Statement
-
- Copyright (C) The Internet Society (2004). This document is subject
- to the rights, licenses and restrictions contained in BCP 78, and
- except as set forth therein, the authors retain all their rights.
-
-
-Acknowledgment
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-Williams Expires December 30, 2004 [Page 14]
-
-
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 19:15:00 +0000