GSS-TSIG (Generic Security Service Algorithm for Secret Key Transaction) is an authentication protocol for DNS that extends the TSIG protocol. GSS-TSIG is a framework built on GSS-API to provide authentication, integrity and confidentiality.
GSS-TSIG (RFC 3645) uses a framework such as SPNEGO with Kerberos or NTLM as the authentication protocol.
GSS-TSIG uses TKEY to exchange keys between the DNS client and server in GSS-TSIG mode. For Kerberos authentication between the DNS client and a Windows Active Directory server (ADS), the AS-REQ, AS-REP, TGS-REQ and TGS-REP steps must take place to authenticate the client and grant it a ticket. After these steps complete successfully, a security context is established between the ADS and the client.
The remaining steps take place between the DNS client and the DNS server: key exchange and authentication with the DNS server.
The key exchange can be done with TKEY in GSS-API mode, after which dynamic updates to the DNS server can take place using the TSIG protocol.
Hence GSS-TSIG is a combination of TSIG, GSS-API (Kerberos with SPNEGO) and TKEY.
This article is licensed under the GNU Free Documentation License. It uses material from Wikipedia