Authentication server (RFC0931)

IP.com Disclosure Number: IPCOM000004345D
Original Publication Date: 1985-Jan-01
Included in the Prior Art Database: 2000-Oct-10
Document File: 4 page(s) / 9K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. St. Johns: AUTHOR

Abstract

The Authentication Server Protocol provides a means to determine the identity of a user of a particular TCP connection. Given a TCP port number pair, it returns a character string which identifies the owner of that connection on the server's system. Suggested uses include automatic identification and verification of a user during an FTP session, additional verification of a TAC dial up user, and access verification for a generalized network file server.

This text was extracted from an ASCII Text document.
This is the abbreviated version, containing approximately 34% of the total text.

Network Working Group
Request for Comments: 931
Supersedes: RFC 912

Mike StJohns
TPSC
January 1985

Authentication Server

STATUS OF THIS MEMO

This RFC suggests a proposed protocol for the ARPA-Internet community, and requests discussion and suggestions for improvements. This is the second draft of this proposal (superseding RFC 912) and incorporates a more formal description of the syntax for the request and response dialog, as well as a change to specify the type of user identification returned. Distribution of this memo is unlimited.

INTRODUCTION

The Authentication Server Protocol provides a means to determine the identity of a user of a particular TCP connection. Given a TCP port number pair, it returns a character string which identifies the owner of that connection on the server's system. Suggested uses include automatic identification and verification of a user during an FTP session, additional verification of a TAC dial up user, and access verification for a generalized network file server.

OVERVIEW

This is a connection based application on TCP. A server listens for TCP connections on TCP port 113 (decimal). Once a connection is established, the server reads one line of data which specifies the connection of interest. If it exists, the system dependent user identifier of the connection of interest is sent out the connection. The service closes the connection after sending the user identifier.

RESTRICTIONS

Queries are permitted only for fully specified connections. The local/foreign host pair used to fully specify the connection are taken from the query connection. This means a user on Host A may only query the server on Host B about connections between A and B.

QUERY/RESPONSE FORMAT

The server accepts simple text query requests of the form

,

where is the TCP port (decimal) on the target (server) system, and is the TCP port (decimal) on the source (user) system.

For example:

23, 6191

The response is of the form

, : :

where , are the same pair as the query, is a keyword identifying the type of response, and is context dependent.

For example:

23, 6191 : USERID : MULTICS : StJohns.DODCSC.a

23, 6193 : USERID : TAC : MCSJ-MITMUL

23, 6195 : ERROR : NO-USER

RESPONSE TYPES

A response can be one of two types:

USERID

In this case, is a string consisting of an operating system name, followed by a ":", followed by user identification string in a format peculiar to the operating system indicated. ...
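The following Python parser is an added example, not part of RFC 931 or of this database page. It reads a response line in the format shown above and rejects any reply whose port pair differs from the query that was sent. The names Reply, parse_ports and parse_reply are illustrative assumptions, as is the 1-65535 port range check; the page itself only says the ports are decimal.

```python
from dataclasses import dataclass
from typing import Optional

RESPONSE_TYPES = {"USERID", "ERROR"}  # the two keywords shown in the examples above


@dataclass
class Reply:                      # hypothetical container, not defined by the RFC
    server_port: int              # TCP port on the target (server) system
    user_port: int                # TCP port on the source (user) system
    response_type: str
    opsys: Optional[str]          # operating system name, USERID replies only
    info: str                     # user identification string or error keyword


def parse_ports(text: str) -> tuple:
    """Parse a 'port, port' pair of decimal TCP ports and range-check both."""
    parts = [p.strip() for p in text.split(",")]
    if len(parts) != 2:
        raise ValueError("expected two comma-separated ports")
    for p in parts:
        if not (p.isascii() and p.isdigit() and 1 <= int(p) <= 65535):
            raise ValueError(f"bad port: {p!r}")
    return int(parts[0]), int(parts[1])


def parse_reply(line: str, query: str) -> Reply:
    """Parse one response line and reject it unless it answers `query`."""
    fields = line.rstrip("\r\n").split(":", 2)
    if len(fields) != 3:
        raise ValueError("expected 'ports : type : info'")
    pair = parse_ports(fields[0])
    if pair != parse_ports(query):
        raise ValueError("reply port pair differs from the query")
    rtype, info, opsys = fields[1].strip(), fields[2].strip(), None
    if rtype not in RESPONSE_TYPES:
        raise ValueError(f"unknown response type: {rtype!r}")
    if rtype == "USERID":
        # additional info is "operating system name : user identification"
        opsys, sep, info = (s.strip() for s in info.partition(":"))
        if not sep or not opsys or not info:
            raise ValueError("USERID reply needs 'opsys : user'")
    return Reply(pair[0], pair[1], rtype, opsys, info)


if __name__ == "__main__":
    # Sample lines are the examples given on the page.
    print(parse_reply("23, 6191 : USERID : MULTICS : StJohns.DODCSC.a", "23, 6191"))
    print(parse_reply("23, 6195 : ERROR : NO-USER", "23, 6195"))
```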