Distributed Authentication Through Kerberos Tickets: Problem statement and Requirements
draft-moustafa-krb-wg-ps-00
Document | Type |
Replaced Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Hassnaa Moustafa , Gilles Bourdon | ||
Last updated | 2010-10-18 (Latest revision 2010-07-05) | ||
Replaced by | draft-moustafa-krb-wg-mesh-nw | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Replaced by draft-moustafa-krb-wg-mesh-nw | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document presents the problem of authentication and authorization in distributed environments constituted by several users communicating with application servers and communicating with each others. Each user in this environment can also play the role of an application provider. Imagine a large music event where the provided network infrastructure is enhanced with network storage equipment to allow visitors to access content relating to the bands playing at the events, such as recorded video of previous performances, supplementary audio and video material relevant to the bands playing, etc. Certain content is, however, not necessarily available to everyone under the same conditions. Instead access control is applied before the full range of audio, and video material can be accessed. Other content, such as previews, might be offered for free. How can such authentication, and authorization infrastructure be made available with minimal configuration complexity for a temporary event like a music festival? This document describes a problem statement based on the attempt to use Kerberos and lists a couple of requirements for potentially needed Kerberos extensions.
Authors
Hassnaa Moustafa
Gilles Bourdon
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)