RFC 1508 (rfc1508) - Page 2 of 49

Generic Security Service Application Program Interface

Alternative Format: Original Text Document
< Previous
Next >
RFC 1508               Generic Security Interface         September 1993


   2. Interface Descriptions .....................................   15
   2.1.  Credential management calls .............................   17
   2.1.1.  GSS_Acquire_cred call .................................   17
   2.1.2.  GSS_Release_cred call .................................   19
   2.1.3.  GSS_Inquire_cred call .................................   20
   2.2.  Context-level calls .....................................   21
   2.2.1.  GSS_Init_sec_context call .............................   21
   2.2.2.  GSS_Accept_sec_context call ...........................   26
   2.2.3.  GSS_Delete_sec_context call ...........................   29
   2.2.4.  GSS_Process_context_token call ........................   30
   2.2.5.  GSS_Context_time call .................................   31
   2.3.  Per-message calls .......................................   32
   2.3.1.  GSS_Sign call .........................................   32
   2.3.2.  GSS_Verify call .......................................   33
   2.3.3.  GSS_Seal call .........................................   35
   2.3.4.  GSS_Unseal call .......................................   36
   2.4.  Support calls ...........................................   37
   2.4.1.  GSS_Display_status call ...............................   37
   2.4.2.  GSS_Indicate_mechs call ...............................   38
   2.4.3.  GSS_Compare_name call .................................   38
   2.4.4.  GSS_Display_name call .................................   39
   2.4.5.  GSS_Import_name call ..................................   40
   2.4.6.  GSS_Release_name call .................................   41
   2.4.7.  GSS_Release_buffer call ...............................   41
   2.4.8.  GSS_Release_oid_set call ..............................   42
   3. Mechanism-Specific Example Scenarios .......................   42
   3.1.  Kerberos V5, single-TGT .................................   43
   3.2.  Kerberos V5, double-TGT .................................   43
   3.3.  X.509 Authentication Framework ..........................   44
   4. Related Activities .........................................   45
   5. Acknowledgments ............................................   46
   6. Security Considerations ....................................   46
   7. Author's Address ...........................................   46
   Appendix A ....................................................   47
   Appendix B ....................................................   48
   Appendix C ....................................................   49

1. GSS-API Characteristics and Concepts

   The operational paradigm in which GSS-API operates is as follows. A
   typical GSS-API caller is itself a communications protocol, calling
   on GSS-API in order to protect its communications with
   authentication, integrity, and/or confidentiality security services.
   A GSS-API caller accepts tokens provided to it by its local GSS-API
   implementation and transfers the tokens to a peer on a remote system;
   that peer passes the received tokens to its local GSS-API
   implementation for processing. The security services available
   through GSS-API in this fashion are implementable (and have been



Linn
< Previous
Next >