RFC 2853 (rfc2853) - Page 1 of 96
Generic Security Service API Version 2 : Java Bindings
Alternative Format: Original Text Document
Network Working Group J. Kabat
Request for Comments: 2853 ValiCert, Inc.
Category: Standards Track M. Upadhyay
Sun Microsystems, Inc.
June 2000
Generic Security Service API Version 2 : Java Bindings
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
Abstract
The Generic Security Services Application Program Interface (GSS-API)
offers application programmers uniform access to security services
atop a variety of underlying cryptographic mechanisms. This document
specifies the Java bindings for GSS-API which is described at a
language independent conceptual level in RFC 2743 [GSSAPIv2-UPDATE].
The GSS-API allows a caller application to authenticate a principal
identity, to delegate rights to a peer, and to apply security
services such as confidentiality and integrity on a per-message
basis. Examples of security mechanisms defined for GSS-API are The
Simple Public-Key GSS-API Mechanism [SPKM] and The Kerberos Version 5
GSS-API Mechanism [KERBV5].
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . 5
2. GSS-API Operational Paradigm . . . . . . . . . . . . . . . 6
3. Additional Controls . . . . . . . . . . . . . . . . . . . 8
3.1. Delegation . . . . . . . . . . . . . . . . . . . . . . . 9
3.2. Mutual Authentication . . . . . . . . . . . . . . . . . 10
3.3. Replay and Out-of-Sequence Detection . . . . . . . . . . 10
3.4. Anonymous Authentication . . . . . . . . . . . . . . . . 11
3.5. Confidentiality . . . . . . . . . . . . . . . . . . . . 12
3.6. Inter-process Context Transfer . . . . . . . . . . . . . 12
3.7. The Use of Incomplete Contexts . . . . . . . . . . . . . 13
Kabat & Upadhyay Standards Track