IANA GSSAPI name registry out of date

Jeffrey Hutzelman jhutz at cmu.edu
Thu Jun 30 17:00:57 EDT 2005

On Thursday, June 30, 2005 01:20:42 PM -0700 "Henry B. Hotz" 
<hotz at jpl.nasa.gov> wrote:

> On Jun 30, 2005, at 9:44 AM, krbdev-request at mit.edu wrote:
>> Hi.  a vendor was asking about the gss service name registry and I
>> took a look at http://www.iana.org/assignments/gssapi-service-names
>> I think we could do some work updating this registry.
>> Errors I noticed;
>> 1)  rcmd is v4
>> 2) Missing  HTTP, cifs, ldap, probably many others.
> There was a thread around February 15, 2004 on this subject.

Hm.  At first glance, I thought this was overbroad, as the registry in 
question is intended for GSSAPI service names.  However, the description 
associated with that registry also makes specific mention of SASL and 
Kerberos, and there is considerable value in avoiding any collisions in 
these spaces.

So yes, assuming the registration policy permits it, I believe it would be 
a good idea to register there any known Kerberos service names which are 
not in general use.

On a similar note, I would argue that the registration of the 'rcmd' 
service name is appropriate, though an update to the description indicating 
it is normally used only with Kerberos V4 would be useful.  I would not be 
surprised to see interop problems arising from the reuse of 'rcmd' to refer 
to a different service.

-- Jeff

More information about the krbdev mailing list