summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc3645.txt
diff options
context:
space:
mode:
authorThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
committerThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
commit4bfd864f10b68b71482b35c818559068ef8d5797 (patch)
treee3989f47a7994642eb325063d46e8f08ffa681dc /doc/rfc/rfc3645.txt
parentea76e11061bda059ae9f9ad130a9895cc85607db (diff)
doc: Add RFC documents
Diffstat (limited to 'doc/rfc/rfc3645.txt')
-rw-r--r--doc/rfc/rfc3645.txt1459
1 files changed, 1459 insertions, 0 deletions
diff --git a/doc/rfc/rfc3645.txt b/doc/rfc/rfc3645.txt
new file mode 100644
index 0000000..6126678
--- /dev/null
+++ b/doc/rfc/rfc3645.txt
@@ -0,0 +1,1459 @@
+
+
+
+
+
+
+Network Working Group S. Kwan
+Request for Comments: 3645 P. Garg
+Updates: 2845 J. Gilroy
+Category: Standards Track L. Esibov
+ J. Westhead
+ Microsoft Corp.
+ R. Hall
+ Lucent Technologies
+ October 2003
+
+
+ Generic Security Service Algorithm for
+ Secret Key Transaction Authentication for DNS (GSS-TSIG)
+
+Status of this Memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2003). All Rights Reserved.
+
+Abstract
+
+ The Secret Key Transaction Authentication for DNS (TSIG) protocol
+ provides transaction level authentication for DNS. TSIG is
+ extensible through the definition of new algorithms. This document
+ specifies an algorithm based on the Generic Security Service
+ Application Program Interface (GSS-API) (RFC2743). This document
+ updates RFC 2845.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 1]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
+ 2. Algorithm Overview . . . . . . . . . . . . . . . . . . . . . . 3
+ 2.1. GSS Details. . . . . . . . . . . . . . . . . . . . . . . 4
+ 2.2. Modifications to the TSIG protocol (RFC 2845). . . . . . 4
+ 3. Client Protocol Details. . . . . . . . . . . . . . . . . . . . 5
+ 3.1. Negotiating Context. . . . . . . . . . . . . . . . . . . 5
+ 3.1.1. Call GSS_Init_sec_context. . . . . . . . . . . . . 6
+ 3.1.2. Send TKEY Query to Server. . . . . . . . . . . . . 8
+ 3.1.3. Receive TKEY Query-Response from Server. . . . . . 8
+ 3.2. Context Established. . . . . . . . . . . . . . . . . . . 11
+ 3.2.1. Terminating a Context. . . . . . . . . . . . . . . 11
+ 4. Server Protocol Details. . . . . . . . . . . . . . . . . . . . 12
+ 4.1. Negotiating Context. . . . . . . . . . . . . . . . . . . 12
+ 4.1.1. Receive TKEY Query from Client . . . . . . . . . . 12
+ 4.1.2. Call GSS_Accept_sec_context. . . . . . . . . . . . 12
+ 4.1.3. Send TKEY Query-Response to Client . . . . . . . . 13
+ 4.2. Context Established. . . . . . . . . . . . . . . . . . . 15
+ 4.2.1. Terminating a Context. . . . . . . . . . . . . . . 15
+ 5. Sending and Verifying Signed Messages. . . . . . . . . . . . . 15
+ 5.1. Sending a Signed Message - Call GSS_GetMIC . . . . . . . 15
+ 5.2. Verifying a Signed Message - Call GSS_VerifyMIC. . . . . 16
+ 6. Example usage of GSS-TSIG algorithm. . . . . . . . . . . . . . 18
+ 7. Security Considerations. . . . . . . . . . . . . . . . . . . . 22
+ 8. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 22
+ 9. Conformance. . . . . . . . . . . . . . . . . . . . . . . . . . 22
+ 10. Intellectual Property Statement. . . . . . . . . . . . . . . . 23
+ 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23
+ 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 24
+ 12.1. Normative References. . . . . . . . . . . . . . . . . . 24
+ 12.2. Informative References. . . . . . . . . . . . . . . . . 24
+ 13. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 25
+ 14. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 26
+
+1. Introduction
+
+ The Secret Key Transaction Authentication for DNS (TSIG) [RFC2845]
+ protocol was developed to provide a lightweight authentication and
+ integrity of messages between two DNS entities, such as client and
+ server or server and server. TSIG can be used to protect dynamic
+ update messages, authenticate regular message or to off-load
+ complicated DNSSEC [RFC2535] processing from a client to a server and
+ still allow the client to be assured of the integrity of the answers.
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 2]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ The TSIG protocol [RFC2845] is extensible through the definition of
+ new algorithms. This document specifies an algorithm based on the
+ Generic Security Service Application Program Interface (GSS-API)
+ [RFC2743]. GSS-API is a framework that provides an abstraction of
+ security to the application protocol developer. The security
+ services offered can include authentication, integrity, and
+ confidentiality.
+
+ The GSS-API framework has several benefits:
+
+ * Mechanism and protocol independence. The underlying mechanisms
+ that realize the security services can be negotiated on the fly
+ and varied over time. For example, a client and server MAY use
+ Kerberos [RFC1964] for one transaction, whereas that same server
+ MAY use SPKM [RFC2025] with a different client.
+
+ * The protocol developer is removed from the responsibility of
+ creating and managing a security infrastructure. For example, the
+ developer does not need to create new key distribution or key
+ management systems. Instead the developer relies on the security
+ service mechanism to manage this on its behalf.
+
+ The scope of this document is limited to the description of an
+ authentication mechanism only. It does not discuss and/or propose an
+ authorization mechanism. Readers that are unfamiliar with GSS-API
+ concepts are encouraged to read the characteristics and concepts
+ section of [RFC2743] before examining this protocol in detail. It is
+ also assumed that the reader is familiar with [RFC2845], [RFC2930],
+ [RFC1034] and [RFC1035].
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
+ "RECOMMENDED", and "MAY" in this document are to be interpreted as
+ described in BCP 14, RFC 2119 [RFC2119].
+
+2. Algorithm Overview
+
+ In GSS, client and server interact to create a "security context".
+ The security context can be used to create and verify transaction
+ signatures on messages between the two parties. A unique security
+ context is required for each unique connection between client and
+ server.
+
+ Creating a security context involves a negotiation between client and
+ server. Once a context has been established, it has a finite
+ lifetime for which it can be used to secure messages. Thus there are
+ three states of a context associated with a connection:
+
+
+
+
+
+Kwan, et al. Standards Track [Page 3]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ +----------+
+ | |
+ V |
+ +---------------+ |
+ | Uninitialized | |
+ | | |
+ +---------------+ |
+ | |
+ V |
+ +---------------+ |
+ | Negotiating | |
+ | Context | |
+ +---------------+ |
+ | |
+ V |
+ +---------------+ |
+ | Context | |
+ | Established | |
+ +---------------+ |
+ | |
+ +----------+
+
+ Every connection begins in the uninitialized state.
+
+2.1. GSS Details
+
+ Client and server MUST be locally authenticated and have acquired
+ default credentials before using this protocol as specified in
+ Section 1.1.1 "Credentials" in RFC 2743 [RFC2743].
+
+ The GSS-TSIG algorithm consists of two stages:
+
+ I. Establish security context. The Client and Server use the
+ GSS_Init_sec_context and GSS_Accept_sec_context APIs to generate
+ the tokens that they pass to each other using [RFC2930] as a
+ transport mechanism.
+
+ II. Once the security context is established it is used to generate
+ and verify signatures using GSS_GetMIC and GSS_VerifyMIC APIs.
+ These signatures are exchanged by the Client and Server as a part
+ of the TSIG records exchanged in DNS messages sent between the
+ Client and Server, as described in [RFC2845].
+
+2.2. Modifications to the TSIG protocol (RFC 2845)
+
+ Modification to RFC 2845 allows use of TSIG through signing server's
+ response in an explicitly specified place in multi message exchange
+ between two DNS entities even if client's request wasn't signed.
+
+
+
+Kwan, et al. Standards Track [Page 4]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ Specifically, Section 4.2 of RFC 2845 MUST be modified as follows:
+
+ Replace:
+ "The server MUST not generate a signed response to an unsigned
+ request."
+
+ With:
+ "The server MUST not generate a signed response to an unsigned
+ request, except in case of response to client's unsigned TKEY
+ query if secret key is established on server side after server
+ processed client's query. Signing responses to unsigned TKEY
+ queries MUST be explicitly specified in the description of an
+ individual secret key establishment algorithm."
+
+3. Client Protocol Details
+
+ A unique context is required for each server to which the client
+ sends secure messages. A context is identified by a context handle.
+ A client maintains a mapping of servers to handles:
+
+ (target_name, key_name, context_handle)
+
+ The value key_name also identifies a context handle. The key_name is
+ the owner name of the TKEY and TSIG records sent between a client and
+ a server to indicate to each other which context MUST be used to
+ process the current request.
+
+ DNS client and server MAY use various underlying security mechanisms
+ to establish security context as described in sections 3 and 4. At
+ the same time, in order to guarantee interoperability between DNS
+ clients and servers that support GSS-TSIG it is REQUIRED that
+ security mechanism used by client enables use of Kerberos v5 (see
+ Section 9 for more information).
+
+3.1. Negotiating Context
+
+ In GSS, establishing a security context involves the passing of
+ opaque tokens between the client and the server. The client
+ generates the initial token and sends it to the server. The server
+ processes the token and if necessary, returns a subsequent token to
+ the client. The client processes this token, and so on, until the
+ negotiation is complete. The number of times the client and server
+ exchange tokens depends on the underlying security mechanism. A
+ completed negotiation results in a context handle.
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 5]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ The TKEY resource record [RFC2930] is used as the vehicle to transfer
+ tokens between client and server. The TKEY record is a general
+ mechanism for establishing secret keys for use with TSIG. For more
+ information, see [RFC2930].
+
+3.1.1. Call GSS_Init_sec_context
+
+ To obtain the first token to be sent to a server, a client MUST call
+ GSS_Init_sec_context API.
+
+ The following input parameters MUST be used. The outcome of the call
+ is indicated with the output values below. Consult Sections 2.2.1,
+ "GSS_Init_sec_context call", of [RFC2743] for syntax definitions.
+
+ INPUTS
+ CREDENTIAL HANDLE claimant_cred_handle = NULL (NULL specifies "use
+ default"). Client MAY instead specify some other valid
+ handle to its credentials.
+ CONTEXT HANDLE input_context_handle = 0
+ INTERNAL NAME targ_name = "DNS@<target_server_name>"
+ OBJECT IDENTIFIER mech_type = Underlying security
+ mechanism chosen by implementers. To guarantee
+ interoperability of the implementations of the GSS-TSIG
+ mechanism client MUST specify a valid underlying security
+ mechanism that enables use of Kerberos v5 (see Section 9 for
+ more information).
+ OCTET STRING input_token = NULL
+ BOOLEAN replay_det_req_flag = TRUE
+ BOOLEAN mutual_req_flag = TRUE
+ BOOLEAN deleg_req_flag = TRUE
+ BOOLEAN sequence_req_flag = TRUE
+ BOOLEAN anon_req_flag = FALSE
+ BOOLEAN integ_req_flag = TRUE
+ INTEGER lifetime_req = 0 (0 requests a default
+ value). Client MAY instead specify another upper bound for the
+ lifetime of the context to be established in seconds.
+ OCTET STRING chan_bindings = Any valid channel bindings
+ as specified in Section 1.1.6 "Channel Bindings" in [RFC2743]
+
+ OUTPUTS
+ INTEGER major_status
+ CONTEXT HANDLE output_context_handle
+ OCTET STRING output_token
+ BOOLEAN replay_det_state
+ BOOLEAN mutual_state
+ INTEGER minor_status
+ OBJECT IDENTIFIER mech_type
+ BOOLEAN deleg_state
+
+
+
+Kwan, et al. Standards Track [Page 6]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ BOOLEAN sequence_state
+ BOOLEAN anon_state
+ BOOLEAN trans_state
+ BOOLEAN prot_ready_state
+ BOOLEAN conf_avail
+ BOOLEAN integ_avail
+ INTEGER lifetime_rec
+
+ If returned major_status is set to one of the following errors:
+
+ GSS_S_DEFECTIVE_TOKEN
+ GSS_S_DEFECTIVE_CREDENTIAL
+ GSS_S_BAD_SIG (GSS_S_BAD_MIC)
+ GSS_S_NO_CRED
+ GSS_S_CREDENTIALS_EXPIRED
+ GSS_S_BAD_BINDINGS
+ GSS_S_OLD_TOKEN
+ GSS_S_DUPLICATE_TOKEN
+ GSS_S_NO_CONTEXT
+ GSS_S_BAD_NAMETYPE
+ GSS_S_BAD_NAME
+ GSS_S_BAD_MECH
+ GSS_S_FAILURE
+
+ then the client MUST abandon the algorithm and MUST NOT use the GSS-
+ TSIG algorithm to establish this security context. This document
+ does not prescribe which other mechanism could be used to establish a
+ security context. Next time when this client needs to establish
+ security context, the client MAY use GSS-TSIG algorithm.
+
+ Success values of major_status are GSS_S_CONTINUE_NEEDED and
+ GSS_S_COMPLETE. The exact success code is important during later
+ processing.
+
+ The values of replay_det_state and mutual_state indicate if the
+ security package provides replay detection and mutual authentication,
+ respectively. If returned major_status is GSS_S_COMPLETE AND one or
+ both of these values are FALSE, the client MUST abandon this
+ algorithm.
+
+ Client's behavior MAY depend on other OUTPUT parameters according to
+ the policy local to the client.
+
+ The handle output_context_handle is unique to this negotiation and is
+ stored in the client's mapping table as the context_handle that maps
+ to target_name.
+
+
+
+
+
+Kwan, et al. Standards Track [Page 7]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+3.1.2. Send TKEY Query to Server
+
+ An opaque output_token returned by GSS_Init_sec_context is
+ transmitted to the server in a query request with QTYPE=TKEY. The
+ token itself will be placed in a Key Data field of the RDATA field in
+ the TKEY resource record in the additional records section of the
+ query. The owner name of the TKEY resource record set queried for
+ and the owner name of the supplied TKEY resource record in the
+ additional records section MUST be the same. This name uniquely
+ identifies the security context to both the client and server, and
+ thus the client SHOULD use a value which is globally unique as
+ described in [RFC2930]. To achieve global uniqueness, the name MAY
+ contain a UUID/GUID [ISO11578].
+
+ TKEY Record
+ NAME = client-generated globally unique domain name string
+ (as described in [RFC2930])
+ RDATA
+ Algorithm Name = gss-tsig
+ Mode = 3 (GSS-API negotiation - per [RFC2930])
+ Key Size = size of output_token in octets
+ Key Data = output_token
+
+ The remaining fields in the TKEY RDATA, i.e., Inception, Expiration,
+ Error, Other Size and Data Fields, MUST be set according to
+ [RFC2930].
+
+ The query is transmitted to the server.
+
+ Note: if the original client call to GSS_Init_sec_context returned
+ any major_status other than GSS_S_CONTINUE_NEEDED or GSS_S_COMPLETE,
+ then the client MUST NOT send TKEY query. Client's behavior in this
+ case is described above in Section 3.1.1.
+
+3.1.3. Receive TKEY Query-Response from Server
+
+ Upon the reception of the TKEY query the DNS server MUST respond
+ according to the description in Section 4. This section specifies
+ the behavior of the client after it receives the matching response to
+ its query.
+
+ The next processing step depends on the value of major_status from
+ the most recent call that client performed to GSS_Init_sec_context:
+ either GSS_S_COMPLETE or GSS_S_CONTINUE.
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 8]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+3.1.3.1. Value of major_status == GSS_S_COMPLETE
+
+ If the last call to GSS_Init_sec_context yielded a major_status value
+ of GSS_S_COMPLETE and a non-NULL output_token was sent to the server,
+ then the client side component of the negotiation is complete and the
+ client is awaiting confirmation from the server.
+
+ Confirmation is in the form of a query response with RCODE=NOERROR
+ and with the last client supplied TKEY record in the answer section
+ of the query. The response MUST be signed with a TSIG record. Note
+ that the server is allowed to sign a response to unsigned client's
+ query due to modification to the RFC 2845 specified in Section 2.2
+ above. The signature in the TSIG record MUST be verified using the
+ procedure detailed in section 5, Sending and Verifying Signed
+ Messages. If the response is not signed, OR if the response is
+ signed but the signature is invalid, then an attacker has tampered
+ with the message in transit or has attempted to send the client a
+ false response. In this case, the client MAY continue waiting for a
+ response to its last TKEY query until the time period since the
+ client sent last TKEY query expires. Such a time period is specified
+ by the policy local to the client. This is a new option that allows
+ the DNS client to accept multiple answers for one query ID and select
+ one (not necessarily the first one) based on some criteria.
+
+ If the signature is verified, the context state is advanced to
+ Context Established. Proceed to section 3.2 for usage of the
+ security context.
+
+3.1.3.2. Value of major_status == GSS_S_CONTINUE_NEEDED
+
+ If the last call to GSS_Init_sec_context yielded a major_status value
+ of GSS_S_CONTINUE_NEEDED, then the negotiation is not yet complete.
+ The server will return to the client a query response with a TKEY
+ record in the Answer section. If the DNS message error is not
+ NO_ERROR or error field in the TKEY record is not 0 (i.e., no error),
+ then the client MUST abandon this negotiation sequence. The client
+ MUST delete an active context by calling GSS_Delete_sec_context
+ providing the associated context_handle. The client MAY repeat the
+ negotiation sequence starting with the uninitialized state as
+ described in section 3.1. To prevent infinite looping the number of
+ attempts to establish a security context MUST be limited to ten or
+ less.
+
+ If the DNS message error is NO_ERROR and the error field in the TKEY
+ record is 0 (i.e., no error), then the client MUST pass a token
+ specified in the Key Data field in the TKEY resource record to
+
+
+
+
+
+Kwan, et al. Standards Track [Page 9]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ GSS_Init_sec_context using the same parameters values as in previous
+ call except values for CONTEXT HANDLE input_context_handle and OCTET
+ STRING input_token as described below:
+
+ INPUTS
+ CONTEXT HANDLE input_context_handle = context_handle (this is the
+ context_handle corresponding to the key_name which is the
+ owner name of the TKEY record in the answer section in the
+ TKEY query response)
+
+ OCTET STRING input_token = token from Key field of
+ TKEY record
+
+ Depending on the following OUTPUT values of GSS_Init_sec_context
+
+ INTEGER major_status
+ OCTET STRING output_token
+
+ the client MUST take one of the following actions:
+
+ If OUTPUT major_status is set to one of the following values:
+
+ GSS_S_DEFECTIVE_TOKEN
+ GSS_S_DEFECTIVE_CREDENTIAL
+ GSS_S_BAD_SIG (GSS_S_BAD_MIC)
+ GSS_S_NO_CRED
+ GSS_S_CREDENTIALS_EXPIRED
+ GSS_S_BAD_BINDINGS
+ GSS_S_OLD_TOKEN
+ GSS_S_DUPLICATE_TOKEN
+ GSS_S_NO_CONTEXT
+ GSS_S_BAD_NAMETYPE
+ GSS_S_BAD_NAME
+ GSS_S_BAD_MECH
+ GSS_S_FAILURE
+
+ the client MUST abandon this negotiation sequence. This means that
+ the client MUST delete an active context by calling
+ GSS_Delete_sec_context providing the associated context_handle. The
+ client MAY repeat the negotiation sequence starting with the
+ uninitialized state as described in section 3.1. To prevent infinite
+ looping the number of attempts to establish a security context MUST
+ be limited to ten or less.
+
+ If OUTPUT major_status is GSS_S_CONTINUE_NEEDED OR GSS_S_COMPLETE
+ then client MUST act as described below.
+
+
+
+
+
+Kwan, et al. Standards Track [Page 10]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ If the response from the server was signed, and the OUTPUT
+ major_status is GSS_S_COMPLETE,then the signature in the TSIG record
+ MUST be verified using the procedure detailed in section 5, Sending
+ and Verifying Signed Messages. If the signature is invalid, then the
+ client MUST abandon this negotiation sequence. This means that the
+ client MUST delete an active context by calling
+ GSS_Delete_sec_context providing the associated context_handle. The
+ client MAY repeat the negotiation sequence starting with the
+ uninitialized state as described in section 3.1. To prevent infinite
+ looping the number of attempts to establish a security context MUST
+ be limited to ten or less.
+
+ If major_status is GSS_S_CONTINUE_NEEDED the negotiation is not yet
+ finished. The token output_token MUST be passed to the server in a
+ TKEY record by repeating the negotiation sequence beginning with
+ section 3.1.2. The client MUST place a limit on the number of
+ continuations in a context negotiation to prevent endless looping.
+ Such limit SHOULD NOT exceed value of 10.
+
+ If major_status is GSS_S_COMPLETE and output_token is non-NULL, the
+ client-side component of the negotiation is complete but the token
+ output_token MUST be passed to the server by repeating the
+ negotiation sequence beginning with section 3.1.2.
+
+ If major_status is GSS_S_COMPLETE and output_token is NULL, context
+ negotiation is complete. The context state is advanced to Context
+ Established. Proceed to section 3.2 for usage of the security
+ context.
+
+3.2. Context Established
+
+ When context negotiation is complete, the handle context_handle MUST
+ be used for the generation and verification of transaction
+ signatures.
+
+ The procedures for sending and receiving signed messages are
+ described in section 5, Sending and Verifying Signed Messages.
+
+3.2.1. Terminating a Context
+
+ When the client is not intended to continue using the established
+ security context, the client SHOULD delete an active context by
+ calling GSS_Delete_sec_context providing the associated
+ context_handle, AND client SHOULD delete the established context on
+ the DNS server by using TKEY RR with the Mode field set to 5, i.e.,
+ "key deletion" [RFC2930].
+
+
+
+
+
+Kwan, et al. Standards Track [Page 11]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+4. Server Protocol Details
+
+ As on the client-side, the result of a successful context negotiation
+ is a context handle used in future generation and verification of the
+ transaction signatures.
+
+ A server MAY be managing several contexts with several clients.
+ Clients identify their contexts by providing a key name in their
+ request. The server maintains a mapping of key names to handles:
+
+ (key_name, context_handle)
+
+4.1. Negotiating Context
+
+ A server MUST recognize TKEY queries as security context negotiation
+ messages.
+
+4.1.1. Receive TKEY Query from Client
+
+ Upon receiving a query with QTYPE = TKEY, the server MUST examine
+ whether the Mode and Algorithm Name fields of the TKEY record in the
+ additional records section of the message contain values of 3 and
+ gss-tsig, respectively. If they do, then the (key_name,
+ context_handle) mapping table is searched for the key_name matching
+ the owner name of the TKEY record in the additional records section
+ of the query. If the name is found in the table and the security
+ context for this name is established and not expired, then the server
+ MUST respond to the query with BADNAME error in the TKEY error field.
+ If the name is found in the table and the security context is not
+ established, the corresponding context_handle is used in subsequent
+ GSS operations. If the name is found but the security context is
+ expired, then the server deletes this security context, as described
+ in Section 4.2.1, and interprets this query as a start of new
+ security context negotiation and performs operations described in
+ Section 4.1.2 and 4.1.3. If the name is not found, then the server
+ interprets this query as a start of new security context negotiation
+ and performs operations described in Section 4.1.2 and 4.1.3.
+
+4.1.2. Call GSS_Accept_sec_context
+
+ The server performs its side of a context negotiation by calling
+ GSS_Accept_sec_context. The following input parameters MUST be used.
+ The outcome of the call is indicated with the output values below.
+ Consult Sections 2.2.2 "GSS_Accept_sec_context call" of the RFC 2743
+ [RFC2743] for syntax definitions.
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 12]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ INPUTS
+ CONTEXT HANDLE input_context_handle = 0 if new negotiation,
+ context_handle matching
+ key_name if ongoing negotiation
+ OCTET STRING input_token = token specified in the Key
+ field from TKEY RR (from Additional records Section of
+ the client's query)
+
+ CREDENTIAL HANDLE acceptor_cred_handle = NULL (NULL specifies "use
+ default"). Server MAY instead specify some other valid
+ handle to its credentials.
+ OCTET STRING chan_bindings = Any valid channel bindings
+ as specified in Section 1.1.6 "Channel Bindings" in [RFC2743]
+
+ OUTPUTS
+ INTEGER major_status
+ CONTEXT_HANDLE output_context_handle
+ OCTET STRING output_token
+ INTEGER minor_status
+ INTERNAL NAME src_name
+ OBJECT IDENTIFIER mech_type
+ BOOLEAN deleg_state
+ BOOLEAN mutual_state
+ BOOLEAN replay_det_state
+ BOOLEAN sequence_state
+ BOOLEAN anon_state
+ BOOLEAN trans_state
+ BOOLEAN prot_ready_state
+ BOOLEAN conf_avail
+ BOOLEAN integ_avail
+ INTEGER lifetime_rec
+ CONTEXT_HANDLE delegated_cred_handle
+
+ If this is the first call to GSS_Accept_sec_context in a new
+ negotiation, then output_context_handle is stored in the server's
+ key-mapping table as the context_handle that maps to the name of the
+ TKEY record.
+
+4.1.3. Send TKEY Query-Response to Client
+
+ The server MUST respond to the client with a TKEY query response with
+ RCODE = NOERROR, that contains a TKEY record in the answer section.
+
+ If OUTPUT major_status is one of the following errors the error field
+ in the TKEY record set to BADKEY.
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 13]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ GSS_S_DEFECTIVE_TOKEN
+ GSS_S_DEFECTIVE_CREDENTIAL
+ GSS_S_BAD_SIG (GSS_S_BAD_MIC)
+ GSS_S_DUPLICATE_TOKEN
+ GSS_S_OLD_TOKEN
+ GSS_S_NO_CRED
+ GSS_S_CREDENTIALS_EXPIRED
+ GSS_S_BAD_BINDINGS
+ GSS_S_NO_CONTEXT
+ GSS_S_BAD_MECH
+ GSS_S_FAILURE
+
+ If OUTPUT major_status is set to GSS_S_COMPLETE or
+ GSS_S_CONTINUE_NEEDED then server MUST act as described below.
+
+ If major_status is GSS_S_COMPLETE the server component of the
+ negotiation is finished. If output_token is non-NULL, then it MUST
+ be returned to the client in a Key Data field of the RDATA in TKEY.
+ The error field in the TKEY record is set to NOERROR. The message
+ MUST be signed with a TSIG record as described in section 5, Sending
+ and Verifying Signed Messages. Note that server is allowed to sign a
+ response to unsigned client's query due to modification to the RFC
+ 2845 specified in Section 2.2 above. The context state is advanced
+ to Context Established. Section 4.2 discusses the usage of the
+ security context.
+
+ If major_status is GSS_S_COMPLETE and output_token is NULL, then the
+ TKEY record received from the client MUST be returned in the Answer
+ section of the response. The message MUST be signed with a TSIG
+ record as described in section 5, Sending and Verifying Signed
+ Messages. Note that server is allowed to sign a response to unsigned
+ client's query due to modification to the RFC 2845 specified in
+ section 2.2 above. The context state is advanced to Context
+ Established. Section 4.2 discusses the usage of the security
+ context.
+
+ If major_status is GSS_S_CONTINUE_NEEDED, the server component of the
+ negotiation is not yet finished. The server responds to the TKEY
+ query with a standard query response, placing in the answer section a
+ TKEY record containing output_token in the Key Data RDATA field. The
+ error field in the TKEY record is set to NOERROR. The server MUST
+ limit the number of times that a given context is allowed to repeat,
+ to prevent endless looping. Such limit SHOULD NOT exceed value of
+ 10.
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 14]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ In all cases, except if major_status is GSS_S_COMPLETE and
+ output_token is NULL, other TKEY record fields MUST contain the
+ following values:
+
+ NAME = key_name
+ RDATA
+ Algorithm Name = gss-tsig
+ Mode = 3 (GSS-API negotiation - per [RFC2930])
+ Key Size = size of output_token in octets
+
+ The remaining fields in the TKEY RDATA, i.e., Inception, Expiration,
+ Error, Other Size and Data Fields, MUST be set according to
+ [RFC2930].
+
+4.2. Context Established
+
+ When context negotiation is complete, the handle context_handle is
+ used for the generation and verification of transaction signatures.
+ The handle is valid for a finite amount of time determined by the
+ underlying security mechanism. A server MAY unilaterally terminate a
+ context at any time (see section 4.2.1).
+
+ Server SHOULD limit the amount of memory used to cache established
+ contexts.
+
+ The procedures for sending and receiving signed messages are given in
+ section 5, Sending and Verifying Signed Messages.
+
+4.2.1. Terminating a Context
+
+ A server can terminate any established context at any time. The
+ server MAY hint to the client that the context is being deleted by
+ including a TKEY RR in a response with the Mode field set to 5, i.e.,
+ "key deletion" [RFC2930]. An active context is deleted by calling
+ GSS_Delete_sec_context providing the associated context_handle.
+
+5. Sending and Verifying Signed Messages
+
+5.1. Sending a Signed Message - Call GSS_GetMIC
+
+ The procedure for sending a signature-protected message is specified
+ in [RFC2845]. The data to be passed to the signature routine
+ includes the whole DNS message with specific TSIG variables appended.
+ For the exact format, see [RFC2845]. For this protocol, use the
+ following TSIG variable values:
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 15]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ TSIG Record
+ NAME = key_name that identifies this context
+ RDATA
+ Algorithm Name = gss-tsig
+
+ Assign the remaining fields in the TSIG RDATA appropriate values as
+ described in [RFC2845].
+
+ The signature is generated by calling GSS_GetMIC. The following
+ input parameters MUST be used. The outcome of the call is indicated
+ with the output values specified below. Consult Sections 2.3.1
+ "GSS_GetMIC call" of the RFC 2743[RFC2743] for syntax definitions.
+
+ INPUTS
+ CONTEXT HANDLE context_handle = context_handle for key_name
+ OCTET STRING message = outgoing message plus TSIG
+ variables (per [RFC2845])
+ INTEGER qop_req = 0 (0 requests a default
+ value). Caller MAY instead specify other valid value (for
+ details see Section 1.2.4 in [RFC2743])
+
+ OUTPUTS
+ INTEGER major_status
+ INTEGER minor_status
+ OCTET STRING per_msg_token
+
+ If major_status is GSS_S_COMPLETE, then signature generation
+ succeeded. The signature in per_msg_token is inserted into the
+ Signature field of the TSIG RR and the message is transmitted.
+
+ If major_status is GSS_S_CONTEXT_EXPIRED, GSS_S_CREDENTIALS_EXPIRED
+ or GSS_S_FAILURE the caller MUST delete the security context, return
+ to the uninitialized state and SHOULD negotiate a new security
+ context, as described above in Section 3.1
+
+ If major_status is GSS_S_NO_CONTEXT, the caller MUST remove the entry
+ for key_name from the (target_ name, key_name, context_handle)
+ mapping table, return to the uninitialized state and SHOULD negotiate
+ a new security context, as described above in Section 3.1
+
+ If major_status is GSS_S_BAD_QOP, the caller SHOULD repeat the
+ GSS_GetMIC call with allowed QOP value. The number of such
+ repetitions MUST be limited to prevent infinite loops.
+
+5.2. Verifying a Signed Message - Call GSS_VerifyMIC
+
+ The procedure for verifying a signature-protected message is
+ specified in [RFC2845].
+
+
+
+Kwan, et al. Standards Track [Page 16]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ The NAME of the TSIG record determines which context_handle maps to
+ the context that MUST be used to verify the signature. If the NAME
+ does not map to an established context, the server MUST send a
+ standard TSIG error response to the client indicating BADKEY in the
+ TSIG error field (as described in [RFC2845]).
+
+ For the GSS algorithm, a signature is verified by using
+ GSS_VerifyMIC:
+
+ INPUTS
+ CONTEXT HANDLE context_handle = context_handle for key_name
+ OCTET STRING message = incoming message plus TSIG
+ variables (per [RFC2845])
+ OCTET STRING per_msg_token = Signature field from TSIG RR
+
+ OUTPUTS
+ INTEGER major_status
+ INTEGER minor_status
+ INTEGER qop_state
+
+ If major_status is GSS_S_COMPLETE, the signature is authentic and the
+ message was delivered intact. Per [RFC2845], the timer values of the
+ TSIG record MUST also be valid before considering the message to be
+ authentic. The caller MUST not act on the request or response in the
+ message until these checks are verified.
+
+ When a server is processing a client request, the server MUST send a
+ standard TSIG error response to the client indicating BADKEY in the
+ TSIG error field as described in [RFC2845], if major_status is set to
+ one of the following values
+
+ GSS_S_DEFECTIVE_TOKEN
+ GSS_S_BAD_SIG (GSS_S_BAD_MIC)
+ GSS_S_DUPLICATE_TOKEN
+ GSS_S_OLD_TOKEN
+ GSS_S_UNSEQ_TOKEN
+ GSS_S_GAP_TOKEN
+ GSS_S_CONTEXT_EXPIRED
+ GSS_S_NO_CONTEXT
+ GSS_S_FAILURE
+
+ If the timer values of the TSIG record are invalid, the message MUST
+ NOT be considered authentic. If this error checking fails when a
+ server is processing a client request, the appropriate error response
+ MUST be sent to the client according to [RFC2845].
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 17]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+6. Example usage of GSS-TSIG algorithm
+
+ This Section describes an example where a Client, client.example.com,
+ and a Server, server.example.com, establish a security context
+ according to the algorithm described above.
+
+ I. Client initializes security context negotiation
+
+ To establish a security context with a server, server.example.com, the
+ Client calls GSS_Init_sec_context with the following parameters.
+ (Note that some INPUT and OUTPUT parameters not critical for this
+ algorithm are not described in this example.)
+
+ CONTEXT HANDLE input_context_handle = 0
+ INTERNAL NAME targ_name = "DNS@server.example.com"
+ OCTET STRING input_token = NULL
+ BOOLEAN replay_det_req_flag = TRUE
+ BOOLEAN mutual_req_flag = TRUE
+
+ The OUTPUTS parameters returned by GSS_Init_sec_context include
+ INTEGER major_status = GSS_S_CONTINUE_NEEDED
+ CONTEXT HANDLE output_context_handle context_handle
+ OCTET STRING output_token output_token
+ BOOLEAN replay_det_state = TRUE
+ BOOLEAN mutual_state = TRUE
+
+ Client verifies that replay_det_state and mutual_state values are
+ TRUE. Since the major_status is GSS_S_CONTINUE_NEEDED, which is a
+ success OUTPUT major_status value, client stores context_handle that
+ maps to "DNS@server.example.com" and proceeds to the next step.
+
+ II. Client sends a query with QTYPE = TKEY to server
+
+ Client sends a query with QTYPE = TKEY for a client-generated globally
+ unique domain name string, 789.client.example.com.server.example.com.
+ Query contains a TKEY record in its Additional records section with
+ the following fields. (Note that some fields not specific to this
+ algorithm are not specified.)
+
+ NAME = 789.client.example.com.server.example.com.
+ RDATA
+ Algorithm Name = gss-tsig
+ Mode = 3 (GSS-API negotiation - per [RFC2930])
+ Key Size = size of output_token in octets
+ Key Data = output_token
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 18]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ After the key_name 789.client.example.com.server.example.com.
+ is generated it is stored in the client's (target_name, key_name,
+ context_handle) mapping table.
+
+ III. Server receives a query with QTYPE = TKEY
+
+ When server receives a query with QTYPE = TKEY, the server verifies
+ that Mode and Algorithm fields in the TKEY record in the Additional
+ records section of the query are set to 3 and "gss-tsig" respectively.
+ It finds that the key_name 789.client.example.com.server.example.com.
+ is not listed in its (key_name, context_handle) mapping table.
+
+ IV. Server calls GSS_Accept_sec_context
+
+ To continue security context negotiation server calls
+ GSS_Accept_sec_context with the following parameters. (Note that
+ some INPUT and OUTPUT parameters not critical for this algorithm
+ are not described in this example.)
+
+ INPUTS
+ CONTEXT HANDLE input_context_handle = 0
+ OCTET STRING input_token = token specified in the Key
+ field from TKEY RR (from Additional
+ records section of the client's query)
+
+ The OUTPUTS parameters returned by GSS_Accept_sec_context include
+ INTEGER major_status = GSS_S_CONTINUE_NEEDED
+ CONTEXT_HANDLE output_context_handle context_handle
+ OCTET STRING output_token output_token
+
+ Server stores the mapping of the
+ 789.client.example.com.server.example.com. to OUTPUT context_handle
+ in its (key_name, context_handle) mapping table.
+
+ V. Server responds to the TKEY query
+
+ Since the major_status = GSS_S_CONTINUE_NEEDED in the last server's
+ call to GSS_Accept_sec_context, the server responds to the TKEY query
+ placing in the answer section a TKEY record containing output_token in
+ the Key Data RDATA field. The error field in the TKEY record is set
+ to 0. The RCODE in the query response is set to NOERROR.
+
+ VI. Client processes token returned by server
+
+ When the client receives the TKEY query response from the server, the
+ client calls GSS_Init_sec_context with the following parameters.
+ (Note that some INPUT and OUTPUT parameters not critical for this
+ algorithm are not described in this example.)
+
+
+
+Kwan, et al. Standards Track [Page 19]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ CONTEXT HANDLE input_context_handle = the context_handle stored
+ in the client's mapping table entry (DNS@server.example.com.,
+ 789.client.example.com.server.example.com., context_handle)
+ INTERNAL NAME targ_name = "DNS@server.example.com"
+ OCTET STRING input_token = token from Key field of TKEY
+ record from the Answer section of the server's response
+ BOOLEAN replay_det_req_flag = TRUE
+ BOOLEAN mutual_req_flag = TRUE
+
+ The OUTPUTS parameters returned by GSS_Init_sec_context include
+ INTEGER major_status = GSS_S_COMPLETE
+ CONTEXT HANDLE output_context_handle = context_handle
+ OCTET STRING output_token = output_token
+ BOOLEAN replay_det_state = TRUE
+ BOOLEAN mutual_state = TRUE
+
+ Since the major_status is set to GSS_S_COMPLETE the client side
+ security context is established, but since the output_token is not
+ NULL client MUST send a TKEY query to the server as described below.
+
+ VII. Client sends a query with QTYPE = TKEY to server
+
+ Client sends to the server a TKEY query for the
+ 789.client.example.com.server.example.com. name. Query contains a
+ TKEY record in its Additional records section with the following
+ fields. (Note that some INPUT and OUTPUT parameters not critical to
+ this algorithm are not described in this example.)
+
+ NAME = 789.client.example.com.server.example.com.
+ RDATA
+ Algorithm Name = gss-tsig
+ Mode = 3 (GSS-API negotiation - per [RFC2930])
+ Key Size = size of output_token in octets
+ Key Data = output_token
+
+ VIII. Server receives a TKEY query
+
+ When the server receives a TKEY query, the server verifies that Mode
+ and Algorithm fields in the TKEY record in the Additional records
+ section of the query are set to 3 and gss-tsig, respectively. It
+ finds that the key_name 789.client.example.com.server.example.com. is
+ listed in its (key_name, context_handle) mapping table.
+
+
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 20]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ IX. Server calls GSS_Accept_sec_context
+
+ To continue security context negotiation server calls
+ GSS_Accept_sec_context with the following parameters (Note that some
+ INPUT and OUTPUT parameters not critical for this algorithm are not
+ described in this example)
+
+ INPUTS
+ CONTEXT HANDLE input_context_handle = context_handle from the
+ (789.client.example.com.server.example.com., context_handle)
+ entry in the server's mapping table
+ OCTET STRING input_token = token specified in the Key
+ field of TKEY RR (from Additional records Section of
+ the client's query)
+
+ The OUTPUTS parameters returned by GSS_Accept_sec_context include
+ INTEGER major_status = GSS_S_COMPLETE
+ CONTEXT_HANDLE output_context_handle = context_handle
+ OCTET STRING output_token = NULL
+
+ Since major_status = GSS_S_COMPLETE, the security context on the
+ server side is established, but the server still needs to respond to
+ the client's TKEY query, as described below. The security context
+ state is advanced to Context Established.
+
+ X. Server responds to the TKEY query
+
+ Since the major_status = GSS_S_COMPLETE in the last server's call to
+ GSS_Accept_sec_context and the output_token is NULL, the server
+ responds to the TKEY query placing in the answer section a TKEY record
+ that was sent by the client in the Additional records section of the
+ client's latest TKEY query. In addition, this server places a
+ TSIG record in additional records section of its response. Server
+ calls GSS_GetMIC to generate a signature to include it in the TSIG
+ record. The server specifies the following GSS_GetMIC INPUT
+ parameters:
+
+ CONTEXT HANDLE context_handle = context_handle from the
+ (789.client.example.com.server.example.com., context_handle)
+ entry in the server's mapping table
+ OCTET STRING message = outgoing message plus TSIG
+ variables (as described in [RFC2845])
+
+ The OUTPUTS parameters returned by GSS_GetMIC include
+ INTEGER major_status = GSS_S_COMPLETE
+ OCTET STRING per_msg_token
+
+ Signature field in the TSIG record is set to per_msg_token.
+
+
+
+Kwan, et al. Standards Track [Page 21]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ XI. Client processes token returned by server
+
+ Client receives the TKEY query response from the server. Since the
+ major_status was GSS_S_COMPLETE in the last client's call to
+ GSS_Init_sec_context, the client verifies that the server's response
+ is signed. To validate the signature, the client calls
+ GSS_VerifyMIC with the following parameters:
+
+ INPUTS
+ CONTEXT HANDLE context_handle = context_handle for
+ 789.client.example.com.server.example.com. key_name
+ OCTET STRING message = incoming message plus TSIG
+ variables (as described in [RFC2845])
+ OCTET STRING per_msg_token = Signature field from TSIG RR
+ included in the server's query response
+
+ Since the OUTPUTS parameter major_status = GSS_S_COMPLETE, the
+ signature is validated, security negotiation is complete and the
+ security context state is advanced to Context Established. These
+ client and server will use the established security context to sign
+ and validate the signatures when they exchange packets with each
+ other until the context expires.
+
+7. Security Considerations
+
+ This document describes a protocol for DNS security using GSS-API.
+ The security provided by this protocol is only as effective as the
+ security provided by the underlying GSS mechanisms.
+
+ All the security considerations from RFC 2845, RFC 2930 and RFC 2743
+ apply to the protocol described in this document.
+
+8. IANA Considerations
+
+ The IANA has reserved the TSIG Algorithm name gss-tsig for the use in
+ the Algorithm fields of TKEY and TSIG resource records. This
+ Algorithm name refers to the algorithm described in this document.
+ The requirement to have this name registered with IANA is specified
+ in RFC 2845.
+
+9. Conformance
+
+ The GSS API using SPNEGO [RFC2478] provides maximum flexibility to
+ choose the underlying security mechanisms that enables security
+ context negotiation. GSS API using SPNEGO [RFC2478] enables client
+ and server to negotiate and choose such underlying security
+ mechanisms on the fly. To support such flexibility, DNS clients and
+ servers SHOULD specify SPNEGO mech_type in their GSS API calls. At
+
+
+
+Kwan, et al. Standards Track [Page 22]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+ the same time, in order to guarantee interoperability between DNS
+ clients and servers that support GSS-TSIG it is required that
+
+ - DNS servers specify SPNEGO mech_type
+ - GSS APIs called by DNS client support Kerberos v5
+ - GSS APIs called by DNS server support SPNEGO [RFC2478] and
+ Kerberos v5.
+
+ In addition to these, GSS APIs used by DNS client and server MAY also
+ support other underlying security mechanisms.
+
+10. Intellectual Property Statement
+
+ The IETF takes no position regarding the validity or scope of any
+ intellectual property or other rights that might be claimed to
+ pertain to the implementation or use of the technology described in
+ this document or the extent to which any license under such rights
+ might or might not be available; neither does it represent that it
+ has made any effort to identify any such rights. Information on the
+ IETF's procedures with respect to rights in standards-track and
+ standards-related documentation can be found in BCP-11. Copies of
+ claims of rights made available for publication and any assurances of
+ licenses to be made available, or the result of an attempt made to
+ obtain a general license or permission for the use of such
+ proprietary rights by implementors or users of this specification can
+ be obtained from the IETF Secretariat.
+
+ The IETF invites any interested party to bring to its attention any
+ copyrights, patents or patent applications, or other proprietary
+ rights which may cover technology that may be required to practice
+ this standard. Please address the information to the IETF Executive
+ Director.
+
+11. Acknowledgements
+
+ The authors of this document would like to thank the following people
+ for their contribution to this specification: Chuck Chan, Mike
+ Swift, Ram Viswanathan, Olafur Gudmundsson, Donald E. Eastlake, 3rd
+ and Erik Nordmark.
+
+
+
+
+
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 23]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+12. References
+
+12.1. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+ [RFC2478] Baize, E. and D. Pinkas, "The Simple and Protected GSS-API
+ Negotiation Mechanism", RFC 2478, December 1998.
+
+ [RFC2743] Linn, J., "Generic Security Service Application Program
+ Interface, Version 2 , Update 1", RFC 2743, January 2000.
+
+ [RFC2845] Vixie, P., Gudmundsson, O., Eastlake 3rd, D. and B.
+ Wellington, "Secret Key Transaction Authentication for DNS
+ (TSIG)", RFC 2845, May 2000.
+
+ [RFC2930] Eastlake 3rd, D., "Secret Key Establishment for DNS (TKEY
+ RR)", RFC 2930, September 2000.
+
+12.2. Informative References
+
+
+ [ISO11578] "Information technology", "Open Systems Interconnection",
+ "Remote Procedure Call", ISO/IEC 11578:1996,
+ http://www.iso.ch/cate/d2229.html.
+
+ [RFC1034] Mockapetris, P., "Domain Names - Concepts and Facilities",
+ STD 13, RFC 1034, November 1987.
+
+ [RFC1035] Mockapetris, P., "Domain Names - Implementation and
+ Specification", STD 13, RFC 1034, November 1987.
+
+ [RFC1964] Linn, J., "The Kerberos Version 5 GSS-API Mechanism", RFC
+ 1964, June 1996.
+
+ [RFC2025] Adams, C., "The Simple Public-Key GSS-API Mechanism
+ (SPKM)", RFC 2025, October 1996.
+
+ [RFC2137] Eastlake 3rd, D., "Secure Domain Name System Dynamic
+ Update", RFC 2137, April 1997.
+
+ [RFC2535] Eastlake 3rd, D., "Domain Name System Security Extensions",
+ RFC 2535, March 1999.
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 24]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+13. Authors' Addresses
+
+ Stuart Kwan
+ Microsoft Corporation
+ One Microsoft Way
+ Redmond, WA 98052
+ USA
+ EMail: skwan@microsoft.com
+
+ Praerit Garg
+ Microsoft Corporation
+ One Microsoft Way
+ Redmond, WA 98052
+ USA
+ EMail: praeritg@microsoft.com
+
+ James Gilroy
+ Microsoft Corporation
+ One Microsoft Way
+ Redmond, WA 98052
+ USA
+ EMail: jamesg@microsoft.com
+
+ Levon Esibov
+ Microsoft Corporation
+ One Microsoft Way
+ Redmond, WA 98052
+ USA
+ EMail: levone@microsoft.com
+
+ Randy Hall
+ Lucent Technologies
+ 400 Lapp Road
+ Malvern PA 19355
+ USA
+ EMail: randyhall@lucent.com
+
+ Jeff Westhead
+ Microsoft Corporation
+ One Microsoft Way
+ Redmond, WA 98052
+ USA
+ EMail: jwesth@microsoft.com
+
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 25]
+
+RFC 3645 GSS-TSIG October 2003
+
+
+14. Full Copyright Statement
+
+ Copyright (C) The Internet Society (2003). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph are
+ included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assignees.
+
+ This document and the information contained herein is provided on an
+ "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+ TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
+ BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
+ HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Kwan, et al. Standards Track [Page 26]
+