Browse Prior Art Database

GSS-API Authentication Method for SOCKS Version 5 (RFC1961)

IP.com Disclosure Number: IPCOM000004186D
Original Publication Date: 1996-Jun-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 7 page(s) / 15K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

P. McMahon: AUTHOR

Abstract

GSS-API provides an abstract interface which provides security services for use in distributed applications, but isolates callers from specific security mechanisms and implementations.

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 18% of the total text.

Network Working Group P. McMahon

Request for Comments: 1961 ICL

Category: Standards Track June 1996

GSS-API Authentication Method for SOCKS Version 5

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Table of Contents

1. Purpose ............................................ 1

2. Introduction ....................................... 1

3. GSS-API Security Context Establishment ............. 2

4. GSS-API Protection-level Options ................... 5

5. GSS-API Per-message Protection ..................... 7

6. GSS-API Security Context Termination ............... 8

7. References ......................................... 8

8. Acknowledgments .................................... 8

9. Security Considerations ............................ 8

10. Author's Address .................................. 9

1. Purpose

The protocol specification for SOCKS Version 5 specifies a

generalized framework for the use of arbitrary authentication

protocols in the initial SOCKS connection setup. This document

provides the specification for the SOCKS V5 GSS-API authentication

protocol, and defines a GSS-API-based encapsulation for provision of

integrity, authentication and optional confidentiality.

2. Introduction

GSS-API provides an abstract interface which provides security

services for use in distributed applications, but isolates callers

from specific security mechanisms and implementations.

GSS-API peers achieve interoperability by establishing a common

security mechanism for security context establishment - either

through administrative action, or through negotiation. GSS-API is

specified in [RFC 1508], and [RFC 1509]. This specification is

intended for use with implementations of GSS-API, and the emerging

GSS-API V2 specification.

The approach for use of GSS-API in SOCKS V5 is to authenticate the

client and server by successfully establishing a GSS-API security

context - such that the GSS-API encapsulates any negotiation protocol

for mechanism selection, and the agreement of security service

options.

The GSS-API enables the context initiator to know what security

services t...