Kerberos integration with MashSSL available as GPL

Ravi Ganesan ravi at
Mon Dec 7 17:18:00 EST 2009

Hi All,

I had posted to this list a while back describing a new effort in the works
to standardize a multi-party, application level SSL protocol called MashSSL
(can also be used for two party app level SSL). As an update:

- The protocol is now in Verision released under the W3C royalty
free guidelines as well as the Open Web Foundation IPR.

- This spec is being worked on in the W3C MashSSL
(Thomas Hardjono represents the MIT Kerberos Foundation in the XG).

- There is a group called the MashSSL Alliance
<>which seeks to evangelize the standard. MIT
Kerberos Foundation is a
founding member of the alliance. As a key goal is to build in Kerberos from
the beginning, we welcome support from you (costs nothing to join, no
obligations, just an expression of support really).

- Software implementing MashSSL, including a Gateway that uses SPNEGO to
allow Kerberos authentication cross domain can be found at All the two sites need
is willingness to trust each other's SSL certs (or common root). The
software is currently released under a combination of GPL and Free BSD.
Hope  you find it useful

Please let me know if you have any questions.


Ravi Ganesan
ravi at

More information about the krbdev mailing list