
Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)

By Kwan, S.


Book Id: WPLBN0000691961
Format Type: PDF eBook:
File Size: 0.1 MB
Reproduction Date: 2005

Title: Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)
Author: Kwan, S.
Volume:
Language: English
Subject: Commercial Law, Business and Commercial Law, Language
Collections: Technical eBooks and Manuals Collection, Technical eBooks Collection
Historic
Publication Date:
Publisher:

Citation


Kwan, B. S. (n.d.). Generic Security Service Algorithm for Secret Key Transaction Authentication for Dns (Gss-Tsig). Retrieved from http://gutenberg.cc/


Description
Technical Reference Publication

Excerpt
Introduction: The Secret Key Transaction Authentication for DNS (TSIG) [RFC2845] protocol was developed to provide lightweight authentication and integrity of messages between two DNS entities, such as client and server or server and server. TSIG can be used to protect dynamic update messages, to authenticate regular messages, or to off-load complicated DNSSEC [RFC2535] processing from a client to a server and still allow the client to be assured of the integrity of the answers.

Table of Contents
1. Introduction
2. Algorithm Overview
   2.1. GSS Details
   2.2. Modifications to the TSIG protocol (RFC 2845)
3. Client Protocol Details
   3.1. Negotiating Context
      3.1.1. Call GSS_Init_sec_context
      3.1.2. Send TKEY Query to Server
      3.1.3. Receive TKEY Query-Response from Server
   3.2. Context Established
      3.2.1. Terminating a Context
4. Server Protocol Details
   4.1. Negotiating Context
      4.1.1. Receive TKEY Query from Client
      4.1.2. Call GSS_Accept_sec_context
      4.1.3. Send TKEY Query-Response to Client
   4.2. Context Established
      4.2.1. Terminating a Context
5. Sending and Verifying Signed Messages
   5.1. Sending a Signed Message - Call GSS_GetMIC
   5.2. Verifying a Signed Message - Call GSS_VerifyMIC
6. Example usage of GSS-TSIG algorithm
7. Security Considerations
8. IANA Considerations
9. Conformance
10. Intellectual Property Statement
11. Acknowledgements
12. References
   12.1. Normative References
   12.2. Informative References
13. Authors' Addresses
14. Full Copyright Statement

 
 



Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.