The sections in this chapter provide additional resources that can help you take advantage of authentication, authorization, and permissions.
Apple’s Open Source Security Code
To see which security protocols and algorithms are supported by Apple’s OS X security implementation, see the documentation provided with the Open Source security code, which you can download at Apple’s Open Source page, and the Security Release Notes in the latest Xcode Tools from Apple.
Standards and Protocols
For information on standards, protocols, and algorithms used by Apple, see the following sources:
The authentication model for HTTP is described in RFC 2617, HTTP Authentication: Basic and Digest Access Authentication.
For information on the TLS protocol, see the IETF TLS working group website.
CDSA, implemented as part of the OS X security architecture, is an Open Source standard by the Open Group (described in their CDSA security forum). For an introduction to CDSA, see CDSA Explained, second edition, from the Open Group. The CDSA/CSSM technical standard is Common Security: CDSA and CSSM, version 2 (with corrigenda), also from the Open Group.
Documentation of the AES encryption algorithm used for FileVault is available on the National Institute of Standards and Technology (NIST) website.
See OS X Server Open Directory Administration, available at Apple's OS X Server resources site, for details on the services that support Kerberos and on how to implement a Kerberos KDC on your OS X server.