Browse Prior Art Database

Generic Security Service API Version 2 : Java Bindings (RFC2853)

IP.com Disclosure Number: IPCOM000003452D
Original Publication Date: 2000-Jun-01
Included in the Prior Art Database: 2019-Feb-13

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Kabat: AUTHOR [+1]

Related Documents

10.17487/RFC2853: DOI

Abstract

This document specifies the Java bindings for GSS-API (Generic Security Service Application Program Interface) which is described at a language independent conceptual level in RFC 2743. [STANDARDS-TRACK]

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 2% of the total text.

Network Working Group J. Kabat Request for Comments: 2853 ValiCert, Inc. Category: Standards Track M. Upadhyay Sun Microsystems, Inc. June 2000

Generic Security Service API Version 2 : Java Bindings

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

Abstract

The Generic Security Services Application Program Interface (GSS-API) offers application programmers uniform access to security services atop a variety of underlying cryptographic mechanisms. This document specifies the Java bindings for GSS-API which is described at a language independent conceptual level in RFC 2743 [GSSAPIv2-UPDATE].

The GSS-API allows a caller application to authenticate a principal identity, to delegate rights to a peer, and to apply security services such as confidentiality and integrity on a per-message basis. Examples of security mechanisms defined for GSS-API are The Simple Public-Key GSS-API Mechanism [SPKM] and The Kerberos Version 5 GSS-API Mechanism [KERBV5].

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 5 2. GSS-API Operational Paradigm . . . . . . . . . . . . . . . 6 3. Additional Controls . . . . . . . . . . . . . . . . . . . 8 3.1. Delegation . . . . . . . . . . . . . . . . . . . . . . . 9 3.2. Mutual Authentication . . . . . . . . . . . . . . . . . 10 3.3. Replay and Out-of-Sequence Detection . . . . . . . . . . 10 3.4. Anonymous Authentication . . . . . . . . . . . . . . . . 11 3.5. Confidentiality . . . . . . . . . . . . . . . . . . . . 12 3.6. Inter-process Context Transfer . . . . . . . . . . . . . 12 3.7. The Use of Incomplete Contexts . . . . . . . . . . . . . 13

Kabat & Upadhyay Standards Track [Page 1]

RFC 2853 GSS-API Java Bindings June 2000

4. Calling Conventions . . . . . . . . . . . . . . . . . . . 13 4.1. Package Name . . . . . . . . . . . . . . . . . . . . . . 13 4.2. Provider Framework . . . . . . . . . . . . . . . . . . . 13 4.3. Integer types . . . . . . . . . . . . . . . . . . . . . 14 4.4. Opaque Data types . . . . . . . . . . . . . . . . . . . 14 4.5. Strings . . . . . . . . . . . . . . . . . . . . . . . . 15 4.6. Object Identifiers . . . . . . . . . . . . . . . . . . . 15 4.7. Object Identifier Sets . . . . . . . . . . . . . . . . . 15 4.8. Credentials . . . . . . . . . . . . . . . . . . . . . . 16 4.9. Contexts . . . . . . . . . . . . . . . . . . . . . . . . 18 4.10. Authentication tokens . . . . . . . . . . . . . . . . . 18 4.11. Interprocess tokens . . . . . . . . . . . . . . . . . . 18 4.12. Error Reporting . . . . . . . . . . . . . . . . . . . . 19 4.12.1. GSS status codes . . . . . . . . . . . . . . . . . . 19 4.12....

Processing...
Loading...