IANA GSSAPI name registry out of date
jhutz at cmu.edu
Thu Jun 30 17:00:57 EDT 2005
On Thursday, June 30, 2005 01:20:42 PM -0700 "Henry B. Hotz"
<hotz at jpl.nasa.gov> wrote:
> On Jun 30, 2005, at 9:44 AM, krbdev-request at mit.edu wrote:
>> Hi. a vendor was asking about the gss service name registry and I
>> took a look at http://www.iana.org/assignments/gssapi-service-names
>> I think we could do some work updating this registry.
>> Errors I noticed;
>> 1) rcmd is v4
>> 2) Missing HTTP, cifs, ldap, probably many others.
> There was a thread around February 15, 2004 on this subject.
Hm. At first glance, I thought this was overbroad, as the registry in
question is intended for GSSAPI service names. However, the description
associated with that registry also makes specific mention of SASL and
Kerberos, and there is considerable value in avoiding any collisions in
So yes, assuming the registration policy permits it, I believe it would be
a good idea to register there any known Kerberos service names which are
not in general use.
On a similar note, I would argue that the registration of the 'rcmd'
service name is appropriate, though an update to the description indicating
it is normally used only with Kerberos V4 would be useful. I would not be
surprised to see interop problems arising from the reuse of 'rcmd' to refer
to a different service.
More information about the krbdev