UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 5056

On the Use of Channel Bindings to Secure Channels

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 November 2007
Status: active
Page Count: 23
scope:

The concept of channel binding allows applications to establish that the two end-points of a secure channel at one network layer are the same as at a higher layer by binding authentication at the higher layer to the channel at the lower layer. This allows applications to delegate session protection to lower layers, which has various performance benefits.

This document discusses and formalizes the concept of channel binding to secure channels.

Document History

IETF RFC 5056
November 1, 2007
On the Use of Channel Bindings to Secure Channels
The concept of channel binding allows applications to establish that the two end-points of a secure channel at one network layer are the same as at a higher layer by binding authentication at the...

References

This document references:
IETF RFC 1964 - The Kerberos Version 5 GSS-API Mechanism
Published by IETF on June 1, 1996
This specification defines protocols, procedures, and conventions to be employed by peers implementing the Generic Security Service Application Program Interface (as specified in RFCs 1508 and 1509)...
This document references:
IETF RFC 2203 - RPCSEC_GSS Protocol Specification
Published by IETF on September 1, 1997
This memo describes an ONC/RPC security flavor that allows RPC protocols to access the Generic Security Services Application Programming Interface (referred to henceforth as GSS-API).
This document references:
RFC 2743 - Generic Security Service Application Program Interface Version 2, Update 1
Published by IETF on January 1, 2000
A description is not available for this item.
This document references:
RFC 2744 - Generic Security Service API Version 2 : C-bindings
Published by IETF on January 1, 2000
A description is not available for this item.
This document is referenced by:
IETF RFC 5801 - Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family
Published by IETF on July 1, 2010
This document describes how to use a Generic Security Service Application Program Interface (GSS-API) mechanism in the Simple Authentication and Security Layer (SASL) framework. This is done by...
This document is referenced by:
IETF RFC 6677 - Channel-Binding Support for Extensible Authentication Protocol (EAP) Methods
Published by IETF on July 1, 2012
This document defines how to implement channel bindings for Extensible Authentication Protocol (EAP) methods to address the "lying Network Access Service (NAS)" problem as well as the "lying...
This document is referenced by:
IETF RFC 7055 - A GSS-API Mechanism for the Extensible Authentication Protocol
Published by IETF on December 1, 2013
This document defines protocols, procedures, and conventions to be employed by peers implementing the Generic Security Service Application Program Interface (GSS-API) when using the Extensible...
This document is referenced by:
IETF RFC 7861 - Remote Procedure Call (RPC) Security Version 3
Published by IETF on November 1, 2016
This document specifies version 3 of the Remote Procedure Call (RPC) security protocol (RPCSEC_GSS). This protocol provides support for multi-principal authentication of client hosts and user...
View Less
View All
Advertisement