{"draft":"draft-jaganathan-kerberos-http-01","doc_id":"RFC4559","title":"SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows","authors":["K. Jaganathan","L. Zhu","J. Brezak"],"format":["ASCII","HTML"],"page_count":"8","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"INDEPENDENT","abstract":"This document describes how the Microsoft Internet Explorer (MSIE)\r\nand Internet Information Services (IIS) incorporated in Microsoft\r\nWindows 2000 use Kerberos for security enhancements of web\r\ntransactions.  The Hypertext Transport Protocol (HTTP) auth-scheme of\r\n\"negotiate\" is defined here; when the negotiation results in the\r\nselection of Kerberos, the security services of authentication and,\r\noptionally, impersonation (the IIS server assumes the windows identity\r\nof the principal that has been authenticated) are performed.  This\r\ndocument explains how HTTP authentication utilizes the Simple and\r\nProtected GSS-API Negotiation mechanism.  Details of Simple And\r\nProtected Negotiate (SPNEGO) implementation are not provided in this document.  This memo provides information for the Internet community.","pub_date":"June 2006","keywords":["msie","microsoft internet explorer","iis","internet information services","simple and protected negotiate","nt lan manager"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC4559","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc4559"}