RFC 1507 (rfc1507) - Page 1 of 119


DASS - Distributed Authentication Security Service



Alternative Format: Original Text Document

Next >


Network Working Group                                         C. Kaufman
Request for Comments: 1507                 Digital Equipment Corporation
                                                          September 1993


                                  DASS
              Distributed Authentication Security Service

Status of this Memo

   This memo defines an Experimental Protocol for the Internet
   community.  It does not specify an Internet standard.  Discussion and
   suggestions for improvement are requested.  Please refer to the
   current edition of the "Internet Official Protocol Standards" for the
   standardization state and status of this protocol.  Distribution of
   this memo is unlimited.

Table of Contents

    1.   Introduction ................................................ 2
         1.1  What is DASS? .......................................... 2
         1.2  Central Concepts ....................................... 4
         1.3  What This Document Won't Tell You ..................... 11
         1.4  The Relationship between DASS and ISO Standards ....... 17
         1.5  An Authentication Walkthrough ......................... 20
    2.   Services Used .............................................. 25
         2.1  Time Service .......................................... 25
         2.2  Random Numbers ........................................ 26
         2.3  Naming Service ........................................ 26
    3.   Services Provided .......................................... 37
         3.1  Certificate Contents .................................. 38
         3.2  Encrypted Private Key Structure ....................... 40
         3.3  Authentication Tokens ................................. 40
         3.4  Credentials ........................................... 43
         3.5  CA State .............................................. 47
         3.6  Data types used in the routines ....................... 47
         3.7  Error conditions ...................................... 49
         3.8  Certificate Maintenance Functions ..................... 49
         3.9  Credential Maintenance Functions ...................... 55
         3.10 Authentication Procedures ............................. 63
         3.11 DASSlessness Determination Functions .................. 87
    4.   Certificate and message formats ............................ 89
         4.1  ASN.1 encodings ....................................... 89
         4.2  Encoding Rules ........................................ 96
         4.3  Version numbers and forward compatibility ............. 96
         4.4  Cryptographic Encodings ............................... 97
    Annex A - Typical Usage ........................................ 101
         A.1  Creating a CA ........................................ 101



Kaufman


Next >


Web Standards & Support:

Link to and support eLook.org Powered by LoadedWeb Web Hosting
Valid XHTML 1.0! Valid CSS! eLook.org FireFox Extensions