Desired Enhancements to Generic Security Services Application Program Interface (GSS-API) Version 3 Naming
RFC 4768

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    kitten mailing list <>, 
    kitten chair <>
Subject: Document Action: 'Desired Enhancements to GSSAPI 
         Version 3 Naming' to Informational RFC 

The IESG has approved the following document:

- 'Desired Enhancements to GSSAPI Version 3 Naming '
   <draft-ietf-kitten-gss-naming-06.txt> as an Informational RFC

This document is the product of the Kitten (GSS-API Next Generation) 
Working Group. 

The IESG contact persons are Russ Housley and Tim Polk.

A URL of this Internet-Draft is:

Technical Summary

  The Generic Security Services API (GSS-API) provides a naming
  architecture that supports  name-based authorization.  GSS-API
  authenticates two named parties to each other.  Names can be stored on
  access control lists to make authorization decisions.  Advances in
  security mechanisms and the way implementers wish to use GSS-API
  require this model to be extended for the next version of GSS-API.  As
  people move within an organization or change their names, the name
  authenticated by GSS-API may change.  Using some sort of constant
  identifier would make ACLs more stable.  Some mechanisms such as
  public-key mechanisms do not have a single name to be used across all
  environments.  Other mechanisms such as Kerberos  may include group
  membership or role information as part of authentication.  This
  document motivates extensions to GSS-API naming and describes the
  extensions under discussion.

Working Group Summary

  This document is a product of the Kitten Working Group.  It describes
  the choices that are facing the Working Group for naming in GSS-API
  Version 3.

Protocol Quality

  This document was reviewed by Russ Housley for the IESG.