Dismiss
InnovationQ/InnovationQ Plus content will be updated on Sunday, June 25, 10am ET, with new patent and non-patent literature collections. Click here to learn more.
Browse Prior Art Database

Generic Security Service API Version 2 : C-bindings (RFC2744)

IP.com Disclosure Number: IPCOM000003341D
Original Publication Date: 2000-Jan-01
Included in the Prior Art Database: 2000-Sep-13

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Wray: AUTHOR

Abstract

This document specifies C language bindings for Version 2, Update 1 of the Generic Security Service Application Program Interface (GSS- API), which is described at a language-independent conceptual level in RFC-2743 [GSSAPI]. It obsoletes RFC-1509, making specific incremental changes in response to implementation experience and liaison requests. It is intended, therefore, that this memo or a successor version thereof will become the basis for subsequent progression of the GSS-API specification on the standards track.

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 1% of the total text.

Network Working Group J. Wray

Request for Comments: 2744 Iris Associates

Obsoletes: 1509 January 2000

Category: Standards Track

Generic Security Service API Version 2 : C-bindings

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

Abstract

This document specifies C language bindings for Version 2, Update 1

of the Generic Security Service Application Program Interface (GSS-

API), which is described at a language-independent conceptual level

in RFC-2743 [GSSAPI]. It obsoletes RFC-1509, making specific

incremental changes in response to implementation experience and

liaison requests. It is intended, therefore, that this memo or a

successor version thereof will become the basis for subsequent

progression of the GSS-API specification on the standards track.

The Generic Security Service Application Programming Interface

provides security services to its callers, and is intended for

implementation atop a variety of underlying cryptographic mechanisms.

Typically, GSS-API callers will be application protocols into which

security enhancements are integrated through invocation of services

provided by the GSS-API. The GSS-API allows a caller application to

authenticate a principal identity associated with a peer application,

to delegate rights to a peer, and to apply security services such as

confidentiality and integrity on a per-message basis.

1. Introduction

The Generic Security Service Application Programming Interface

[GSSAPI] provides security services to calling applications. It

allows a communicating application to authenticate the user

associated with another application, to delegate rights to another

application, and to apply security services such as confidentiality

and integrity on a per-message basis.

There are four stages to using the GSS-API:

a) The application acquires a set of credentials with which it may

prove its identity to other processes. The application's

credentials vouch for its global identity, which may or may not be

related to any local username under which it may be running.

b) A pair of communicating applications establish a joint security

context using their credentials. The security context is a pair

of GSS-API data structures that contain shared state information,

which is required in order that per-message security services may

be provided. Examples of state that might be shared between

applications as part of a s...