RFC 1509 (rfc1509) - Page 1 of 48


Generic Security Service API : C-bindings



Alternative Format: Original Text Document



Network Working Group                                            J. Wray
Request for Comments: 1509                 Digital Equipment Corporation
                                                          September 1993


               Generic Security Service API : C-bindings

Status of this Memo

   This RFC specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" for the standardization state and status
   of this protocol.  Distribution of this memo is unlimited.

Abstract

   This document specifies C language bindings for the Generic Security
   Service Application Program Interface (GSS-API), which is described
   at a language-independent conceptual level in other documents.

   The Generic Security Service Application Programming Interface (GSS-
   API) provides security services to its callers, and is intended for
   implementation atop alternative underlying cryptographic mechanisms.
   Typically, GSS-API callers will be application protocols into which
   security enhancements are integrated through invocation of services
   provided by the GSS-API. The GSS-API allows a caller application to
   authenticate a principal identity associated with a peer application,
   to delegate rights to a peer, and to apply security services such as
   confidentiality and integrity on a per-message basis.

1. INTRODUCTION

   The Generic Security Service Application Programming Interface [1]
   provides security services to calling applications.  It allows a
   communicating application to authenticate the user associated with
   another application, to delegate rights to another application, and
   to apply security services such as confidentiality and integrity on a
   per-message basis.

   There are four stages to using the GSSAPI:

   (a) The application acquires a set of credentials with which it may
       prove its identity to other processes.  The application's
       credentials vouch for its global identity, which may or may not
       be related to the local username under which it is running.





Wray