fields.  (Note that some INPUT and OUTPUT parameters not critical to  this algorithm are not described in this example.)     NAME = 789.client.example.com.server.example.com.     RDATA        Algorithm Name      = gss-tsig        Mode                = 3 (GSS-API negotiation - per [RFC2930])        Key Size            = size of output_token in octets        Key Data            = output_token  VIII.  Server receives a TKEY query  When the server receives a TKEY query, the server verifies that Mode  and Algorithm fields in the TKEY record in the Additional records  section of the query are set to 3 and gss-tsig, respectively.  It  finds that the key_name 789.client.example.com.server.example.com. is  listed in its (key_name, context_handle) mapping table.Kwan, et al.                Standards Track                    [Page 20]RFC 3645                        GSS-TSIG                    October 2003  IX.  Server calls GSS_Accept_sec_context  To continue security context negotiation server calls  GSS_Accept_sec_context with the following parameters (Note that some  INPUT and OUTPUT parameters not critical for this algorithm are not  described in this example)   INPUTS     CONTEXT HANDLE input_context_handle  = context_handle from the           (789.client.example.com.server.example.com., context_handle)           entry in the server's mapping table     OCTET STRING   input_token           = token specified in the Key           field of TKEY RR (from Additional records Section of           the client's query)  The OUTPUTS parameters returned by GSS_Accept_sec_context include     INTEGER        major_status = GSS_S_COMPLETE     CONTEXT_HANDLE output_context_handle = context_handle     OCTET STRING   output_token = NULL  Since major_status = GSS_S_COMPLETE, the security context on the  server side is established, but the server still needs to respond to  the client's TKEY query, as described below.  The security context  state is advanced to Context Established.  X.  Server responds to the TKEY query  Since the major_status = GSS_S_COMPLETE in the last server's call to  GSS_Accept_sec_context and the output_token is NULL, the server  responds to the TKEY query placing in the answer section a TKEY record  that was sent by the client in the Additional records section of the  client's latest TKEY query.  In addition, this server places a  TSIG record in additional records section of its response.  Server  calls GSS_GetMIC to generate a signature to include it in the TSIG  record.  The server specifies the following GSS_GetMIC INPUT  parameters:     CONTEXT HANDLE context_handle = context_handle from the           (789.client.example.com.server.example.com., context_handle)           entry in the server's mapping table     OCTET STRING   message        = outgoing message plus TSIG                                   variables (as described in [RFC2845])  The OUTPUTS parameters returned by GSS_GetMIC include     INTEGER        major_status = GSS_S_COMPLETE     OCTET STRING   per_msg_token  Signature field in the TSIG record is set to per_msg_token.Kwan, et al.                Standards Track                    [Page 21]RFC 3645                        GSS-TSIG                    October 2003  XI.  Client processes token returned by server  Client receives the TKEY query response from the server.  Since the  major_status was GSS_S_COMPLETE in the last client's call to  GSS_Init_sec_context, the client verifies that the server's response  is signed.  To validate the signature, the client calls  GSS_VerifyMIC with the following parameters:   INPUTS     CONTEXT HANDLE context_handle = context_handle for                  789.client.example.com.server.example.com. key_name     OCTET STRING   message        = incoming message plus TSIG                                  variables (as described in [RFC2845])     OCTET STRING   per_msg_token  = Signature field from TSIG RR                  included in the server's query response  Since the OUTPUTS parameter major_status = GSS_S_COMPLETE, the  signature is validated, security negotiation is complete and the  security context state is advanced to Context Established.  These  client and server will use the established security context to sign  and validate the signatures when they exchange packets with each  other until the context expires.7.  Security Considerations   This document describes a protocol for DNS security using GSS-API.   The security provided by this protocol is only as effective as the   security provided by the underlying GSS mechanisms.   All the security considerations from RFC 2845, RFC 2930 and RFC 2743   apply to the protocol described in this document.8.  IANA Considerations   The IANA has reserved the TSIG Algorithm name gss-tsig for the use in   the Algorithm fields of TKEY and TSIG resource records.  This   Algorithm name refers to the algorithm described in this document.   The requirement to have this name registered with IANA is specified   in RFC 2845.9.  Conformance   The GSS API using SPNEGO [RFC2478] provides maximum flexibility to   choose the underlying security mechanisms that enables security   context negotiation.  GSS API using SPNEGO [RFC2478] enables client   and server to negotiate and choose such underlying security   mechanisms on the fly.  To support such flexibility, DNS clients and   servers SHOULD specify SPNEGO mech_type in their GSS API calls.  AtKwan, et al.                Standards Track                    [Page 22]RFC 3645                        GSS-TSIG                    October 2003   the same time, in order to guarantee interoperability between DNS   clients and servers that support GSS-TSIG it is required that   -  DNS servers specify SPNEGO mech_type   -  GSS APIs called by DNS client support Kerberos v5   -  GSS APIs called by DNS server support SPNEGO [RFC2478] and      Kerberos v5.   In addition to these, GSS APIs used by DNS client and server MAY also   support other underlying security mechanisms.10.  Intellectual Property Statement   The IETF takes no position regarding the validity or scope of any   intellectual property or other rights that might be claimed to   pertain to the implementation or use of the technology described in   this document or the extent to which any license under such rights   might or might not be available; neither does it represent that it   has made any effort to identify any such rights.  Information on the   IETF's procedures with respect to rights in standards-track and   standards-related documentation can be found in BCP-11.  Copies of   claims of rights made available for publication and any assurances of   licenses to be made available, or the result of an attempt made to   obtain a general license or permission for the use of such   proprietary rights by implementors or users of this specification can   be obtained from the IETF Secretariat.   The IETF invites any interested party to bring to its attention any   copyrights, patents or patent applications, or other proprietary   rights which may cover technology that may be required to practice   this standard.  Please address the information to the IETF Executive   Director.11.  Acknowledgements   The authors of this document would like to thank the following people   for their contribution to this specification:  Chuck Chan, Mike   Swift, Ram Viswanathan, Olafur Gudmundsson, Donald E. Eastlake, 3rd   and Erik Nordmark.Kwan, et al.                Standards Track                    [Page 23]RFC 3645                        GSS-TSIG                    October 200312.  References12.1.  Normative References   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate             Requirement Levels", BCP 14, RFC 2119, March 1997.   [RFC2478] Baize, E. and D. Pinkas, "The Simple and Protected GSS-API             Negotiation Mechanism", RFC 2478, December 1998.   [RFC2743] Linn, J., "Generic Security Service Application Program             Interface, Version 2 , Update 1", RFC 2743, January 2000.   [RFC2845] Vixie, P., Gudmundsson, O., Eastlake 3rd, D. and B.             Wellington, "Secret Key Transaction Authentication for DNS             (TSIG)", RFC 2845, May 2000.   [RFC2930] Eastlake 3rd, D., "Secret Key Establishment for DNS (TKEY             RR)", RFC 2930, September 2000.12.2.  Informative References   [ISO11578] "Information technology", "Open Systems Interconnection",              "Remote Procedure Call", ISO/IEC 11578:1996,              http://www.iso.ch/cate/d2229.html.   [RFC1034] Mockapetris, P., "Domain Names - Concepts and Facilities",             STD 13, RFC 1034, November 1987.   [RFC1035] Mockapetris, P., "Domain Names - Implementation and             Specification", STD 13, RFC 1034, November 1987.   [RFC1964] Linn, J., "The Kerberos Version 5 GSS-API Mechanism", RFC             1964, June 1996.   [RFC2025] Adams, C., "The Simple Public-Key GSS-API Mechanism             (SPKM)", RFC 2025, October 1996.   [RFC2137] Eastlake 3rd, D., "Secure Domain Name System Dynamic             Update", RFC 2137, April 1997.   [RFC2535] Eastlake 3rd, D., "Domain Name System Security Extensions",             RFC 2535, March 1999.Kwan, et al.                Standards Track                    [Page 24]RFC 3645                        GSS-TSIG                    October 200313.  Authors' Addresses   Stuart Kwan   Microsoft Corporation   One Microsoft Way   Redmond, WA  98052   USA   EMail: skwan@microsoft.com   Praerit Garg   Microsoft Corporation   One Microsoft Way   Redmond, WA  98052   USA   EMail: praeritg@microsoft.com   James Gilroy   Microsoft Corporation   One Microsoft Way   Redmond, WA  98052   USA   EMail: jamesg@microsoft.com   Levon Esibov   Microsoft Corporation   One Microsoft Way   Redmond, WA  98052   USA   EMail: levone@microsoft.com   Randy Hall   Lucent Technologies   400 Lapp Road   Malvern PA 19355   USA   EMail: randyhall@lucent.com   Jeff Westhead   Microsoft Corporation   One Microsoft Way   Redmond, WA  98052   USA   EMail: jwesth@microsoft.comKwan, et al.                Standards Track                    [Page 25]RFC 3645                        GSS-TSIG                    October 200314.  Full Copyright Statement   Copyright (C) The Internet Society (2003).  All Rights Reserved.   This document and translations of it may be copied and furnished to   others, and derivative works that comment on or otherwise explain it   or assist in its implementation may be prepared, copied, published   and distributed, in whole or in part, without restriction of any   kind, provided that the above copyright notice and this paragraph are   included on all such copies and derivative works.  However, this   document itself may not be modified in any way, such as by removing   the copyright notice or references to the Internet Society or other   Internet organizations, except as needed for the purpose of   developing Internet standards in which case the procedures for   copyrights defined in the Internet Standards process must be   followed, or as required to translate it into languages other than   English.   The limited permissions granted above are perpetual and will not be   revoked by the Internet Society or its successors or assignees.   This document and the information contained herein is provided on an   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.Acknowledgement   Funding for the RFC Editor function is currently provided by the   Internet Society.Kwan, et al.                Standards Track                    [Page 26]