 a5cbba0d6b
			
		
	
	a5cbba0d6b
	
	
	
		
			
			git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7912 ec53bebd-3082-4978-b11e-865c3cabbd6b
		
			
				
	
	
		
			5660 lines
		
	
	
		
			224 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			5660 lines
		
	
	
		
			224 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Network Working Group                                            J. Linn
 | ||
| Request for Comments: 2743                              RSA Laboratories
 | ||
| Obsoletes: 2078                                             January 2000
 | ||
| Category: Standards Track
 | ||
| 
 | ||
| 
 | ||
|          Generic Security Service Application Program Interface
 | ||
|                           Version 2, Update 1
 | ||
| 
 | ||
| 
 | ||
| Status of this Memo
 | ||
| 
 | ||
|    This document specifies an Internet standards track protocol for the
 | ||
|    Internet community, and requests discussion and suggestions for
 | ||
|    improvements.  Please refer to the current edition of the "Internet
 | ||
|    Official Protocol Standards" (STD 1) for the standardization state
 | ||
|    and status of this protocol.  Distribution of this memo is unlimited.
 | ||
| 
 | ||
| Copyright Notice
 | ||
| 
 | ||
|    Copyright (C) The Internet Society (2000).  All Rights Reserved.
 | ||
| 
 | ||
| Abstract
 | ||
| 
 | ||
|    The Generic Security Service Application Program Interface (GSS-API),
 | ||
|    Version 2, as defined in [RFC-2078], provides security services to
 | ||
|    callers in a generic fashion, supportable with a range of underlying
 | ||
|    mechanisms and technologies and hence allowing source-level
 | ||
|    portability of applications to different environments. This
 | ||
|    specification defines GSS-API services and primitives at a level
 | ||
|    independent of underlying mechanism and programming language
 | ||
|    environment, and is to be complemented by other, related
 | ||
|    specifications:
 | ||
| 
 | ||
|       documents defining specific parameter bindings for particular
 | ||
|       language environments
 | ||
| 
 | ||
|       documents defining token formats, protocols, and procedures to be
 | ||
|       implemented in order to realize GSS-API services atop particular
 | ||
|       security mechanisms
 | ||
| 
 | ||
|    This memo obsoletes [RFC-2078], making specific, incremental changes
 | ||
|    in response to implementation experience and liaison requests. It is
 | ||
|    intended, therefore, that this memo or a successor version thereto
 | ||
|    will become the basis for subsequent progression of the GSS-API
 | ||
|    specification on the standards track.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 1]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| TABLE OF CONTENTS
 | ||
| 
 | ||
|    1: GSS-API Characteristics and Concepts . . . . . . . . . . . .  4
 | ||
|    1.1: GSS-API Constructs . . . . . . . . . . . . . . . . . . . .  6
 | ||
|    1.1.1:  Credentials . . . . . . . . . . . . . . . . . . . . . .  6
 | ||
|    1.1.1.1: Credential Constructs and Concepts . . . . . . . . . .  6
 | ||
|    1.1.1.2: Credential Management  . . . . . . . . . . . . . . . .  7
 | ||
|    1.1.1.3: Default Credential Resolution  . . . . . . . . . . . .  8
 | ||
|    1.1.2: Tokens . . . . . . . . . . . . . . . . . . . . . . . . .  9
 | ||
|    1.1.3:  Security Contexts . . . . . . . . . . . . . . . . . . . 11
 | ||
|    1.1.4:  Mechanism Types . . . . . . . . . . . . . . . . . . . . 12
 | ||
|    1.1.5:  Naming  . . . . . . . . . . . . . . . . . . . . . . . . 13
 | ||
|    1.1.6:  Channel Bindings  . . . . . . . . . . . . . . . . . . . 16
 | ||
|    1.2:  GSS-API Features and Issues . . . . . . . . . . . . . . . 17
 | ||
|    1.2.1:  Status Reporting  and Optional Service Support  . . . . 17
 | ||
|    1.2.1.1: Status Reporting . . . . . . . . . . . . . . . . . . . 17
 | ||
|    1.2.1.2: Optional Service Support . . . . . . . . . . . . . . . 19
 | ||
|    1.2.2: Per-Message Security Service Availability  . . . . . . . 20
 | ||
|    1.2.3: Per-Message Replay Detection and Sequencing  . . . . . . 21
 | ||
|    1.2.4:  Quality of Protection . . . . . . . . . . . . . . . . . 24
 | ||
|    1.2.5: Anonymity Support  . . . . . . . . . . . . . . . . . . . 25
 | ||
|    1.2.6: Initialization . . . . . . . . . . . . . . . . . . . . . 25
 | ||
|    1.2.7: Per-Message Protection During Context Establishment  . . 26
 | ||
|    1.2.8: Implementation Robustness  . . . . . . . . . . . . . . . 27
 | ||
|    1.2.9: Delegation . . . . . . . . . . . . . . . . . . . . . . . 28
 | ||
|    1.2.10: Interprocess Context Transfer . . . . . . . . . . . . . 28
 | ||
|    2:  Interface Descriptions  . . . . . . . . . . . . . . . . . . 29
 | ||
|    2.1:  Credential management calls . . . . . . . . . . . . . . . 31
 | ||
|    2.1.1:  GSS_Acquire_cred call . . . . . . . . . . . . . . . . . 31
 | ||
|    2.1.2:  GSS_Release_cred call . . . . . . . . . . . . . . . . . 34
 | ||
|    2.1.3:  GSS_Inquire_cred call . . . . . . . . . . . . . . . . . 35
 | ||
|    2.1.4:  GSS_Add_cred call . . . . . . . . . . . . . . . . . . . 37
 | ||
|    2.1.5:  GSS_Inquire_cred_by_mech call . . . . . . . . . . . . . 40
 | ||
|    2.2:  Context-level calls . . . . . . . . . . . . . . . . . . . 41
 | ||
|    2.2.1:  GSS_Init_sec_context call . . . . . . . . . . . . . . . 42
 | ||
|    2.2.2:  GSS_Accept_sec_context call . . . . . . . . . . . . . . 49
 | ||
|    2.2.3:  GSS_Delete_sec_context call . . . . . . . . . . . . . . 53
 | ||
|    2.2.4:  GSS_Process_context_token call  . . . . . . . . . . . . 54
 | ||
|    2.2.5:  GSS_Context_time call . . . . . . . . . . . . . . . . . 55
 | ||
|    2.2.6:  GSS_Inquire_context call  . . . . . . . . . . . . . . . 56
 | ||
|    2.2.7:  GSS_Wrap_size_limit call  . . . . . . . . . . . . . . . 57
 | ||
|    2.2.8:  GSS_Export_sec_context call . . . . . . . . . . . . . . 59
 | ||
|    2.2.9:  GSS_Import_sec_context call . . . . . . . . . . . . . . 61
 | ||
|    2.3:  Per-message calls . . . . . . . . . . . . . . . . . . . . 62
 | ||
|    2.3.1:  GSS_GetMIC call . . . . . . . . . . . . . . . . . . . . 63
 | ||
|    2.3.2:  GSS_VerifyMIC call  . . . . . . . . . . . . . . . . . . 64
 | ||
|    2.3.3:  GSS_Wrap call . . . . . . . . . . . . . . . . . . . . . 65
 | ||
|    2.3.4:  GSS_Unwrap call . . . . . . . . . . . . . . . . . . . . 66
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 2]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    2.4:  Support calls . . . . . . . . . . . . . . . . . . . . . . 68
 | ||
|    2.4.1:  GSS_Display_status call . . . . . . . . . . . . . . . . 68
 | ||
|    2.4.2:  GSS_Indicate_mechs call . . . . . . . . . . . . . . . . 69
 | ||
|    2.4.3:  GSS_Compare_name call . . . . . . . . . . . . . . . . . 70
 | ||
|    2.4.4:  GSS_Display_name call . . . . . . . . . . . . . . . . . 71
 | ||
|    2.4.5:  GSS_Import_name call  . . . . . . . . . . . . . . . . . 72
 | ||
|    2.4.6:  GSS_Release_name call . . . . . . . . . . . . . . . . . 73
 | ||
|    2.4.7:  GSS_Release_buffer call . . . . . . . . . . . . . . . . 74
 | ||
|    2.4.8:  GSS_Release_OID_set call  . . . . . . . . . . . . . . . 74
 | ||
|    2.4.9:  GSS_Create_empty_OID_set call . . . . . . . . . . . . . 75
 | ||
|    2.4.10: GSS_Add_OID_set_member call . . . . . . . . . . . . . . 76
 | ||
|    2.4.11: GSS_Test_OID_set_member call  . . . . . . . . . . . . . 76
 | ||
|    2.4.12: GSS_Inquire_names_for_mech call . . . . . . . . . . . . 77
 | ||
|    2.4.13: GSS_Inquire_mechs_for_name call . . . . . . . . . . . . 77
 | ||
|    2.4.14: GSS_Canonicalize_name call  . . . . . . . . . . . . . . 78
 | ||
|    2.4.15: GSS_Export_name call  . . . . . . . . . . . . . . . . . 79
 | ||
|    2.4.16: GSS_Duplicate_name call . . . . . . . . . . . . . . . . 80
 | ||
|    3: Data Structure Definitions for GSS-V2 Usage  . . . . . . . . 81
 | ||
|    3.1: Mechanism-Independent Token Format . . . . . . . . . . . . 81
 | ||
|    3.2: Mechanism-Independent Exported Name Object Format  . . . . 84
 | ||
|    4: Name Type Definitions  . . . . . . . . . . . . . . . . . . . 85
 | ||
|    4.1: Host-Based Service Name Form . . . . . . . . . . . . . . . 85
 | ||
|    4.2: User Name Form . . . . . . . . . . . . . . . . . . . . . . 86
 | ||
|    4.3: Machine UID Form . . . . . . . . . . . . . . . . . . . . . 87
 | ||
|    4.4: String UID Form  . . . . . . . . . . . . . . . . . . . . . 87
 | ||
|    4.5: Anonymous Nametype . . . . . . . . . . . . . . . . . . . . 87
 | ||
|    4.6: GSS_C_NO_OID . . . . . . . . . . . . . . . . . . . . . . . 88
 | ||
|    4.7: Exported Name Object . . . . . . . . . . . . . . . . . . . 88
 | ||
|    4.8: GSS_C_NO_NAME  . . . . . . . . . . . . . . . . . . . . . . 88
 | ||
|    5:  Mechanism-Specific Example Scenarios  . . . . . . . . . . . 88
 | ||
|    5.1: Kerberos V5, single-TGT  . . . . . . . . . . . . . . . . . 89
 | ||
|    5.2: Kerberos V5, double-TGT  . . . . . . . . . . . . . . . . . 89
 | ||
|    5.3:  X.509 Authentication Framework  . . . . . . . . . . . . . 90
 | ||
|    6:  Security Considerations . . . . . . . . . . . . . . . . . . 91
 | ||
|    7:  Related Activities  . . . . . . . . . . . . . . . . . . . . 92
 | ||
|    8:  Referenced Documents  . . . . . . . . . . . . . . . . . . . 93
 | ||
|    Appendix A: Mechanism Design Constraints  . . . . . . . . . . . 94
 | ||
|    Appendix B: Compatibility with GSS-V1 . . . . . . . . . . . . . 94
 | ||
|    Appendix C: Changes Relative to RFC-2078  . . . . . . . . . . . 96
 | ||
|    Author's Address  . . . . . . . . . . . . . . . . . . . . . . .100
 | ||
|    Full Copyright Statement  . . . . . . . . . . . . . . . . . . .101
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 3]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 1: GSS-API Characteristics and Concepts
 | ||
| 
 | ||
|    GSS-API operates in the following paradigm.  A typical GSS-API caller
 | ||
|    is itself a communications protocol, calling on GSS-API in order to
 | ||
|    protect its communications with authentication, integrity, and/or
 | ||
|    confidentiality security services.  A GSS-API caller accepts tokens
 | ||
|    provided to it by its local GSS-API implementation and transfers the
 | ||
|    tokens to a peer on a remote system; that peer passes the received
 | ||
|    tokens to its local GSS-API implementation for processing. The
 | ||
|    security services available through GSS-API in this fashion are
 | ||
|    implementable (and have been implemented) over a range of underlying
 | ||
|    mechanisms based on secret-key and public-key cryptographic
 | ||
|    technologies.
 | ||
| 
 | ||
|    The GSS-API separates the operations of initializing a security
 | ||
|    context between peers, achieving peer entity authentication
 | ||
|    (GSS_Init_sec_context() and GSS_Accept_sec_context() calls), from the
 | ||
|    operations of providing per-message data origin authentication and
 | ||
|    data integrity protection (GSS_GetMIC() and GSS_VerifyMIC() calls)
 | ||
|    for messages subsequently transferred in conjunction with that
 | ||
|    context.  (The definition for the peer entity authentication service,
 | ||
|    and other definitions used in this document, corresponds to that
 | ||
|    provided in [ISO-7498-2].) When establishing a security context, the
 | ||
|    GSS-API enables a context initiator to optionally permit its
 | ||
|    credentials to be delegated, meaning that the context acceptor may
 | ||
|    initiate further security contexts on behalf of the initiating
 | ||
|    caller. Per-message GSS_Wrap() and GSS_Unwrap() calls provide the
 | ||
|    data origin authentication and data integrity services which
 | ||
|    GSS_GetMIC() and GSS_VerifyMIC() offer, and also support selection of
 | ||
|    confidentiality services as a caller option. Additional calls provide
 | ||
|    supportive functions to the GSS-API's users.
 | ||
| 
 | ||
|    The following paragraphs provide an example illustrating the
 | ||
|    dataflows involved in use of the GSS-API by a client and server in a
 | ||
|    mechanism-independent fashion, establishing a security context and
 | ||
|    transferring a protected message. The example assumes that credential
 | ||
|    acquisition has already been completed.  The example also assumes
 | ||
|    that the underlying authentication technology is capable of
 | ||
|    authenticating a client to a server using elements carried within a
 | ||
|    single token, and of authenticating the server to the client (mutual
 | ||
|    authentication) with a single returned token; this assumption holds
 | ||
|    for some presently-documented CAT mechanisms but is not necessarily
 | ||
|    true for other cryptographic technologies and associated protocols.
 | ||
| 
 | ||
|    The client calls GSS_Init_sec_context() to establish a security
 | ||
|    context to the server identified by targ_name, and elects to set the
 | ||
|    mutual_req_flag so that mutual authentication is performed in the
 | ||
|    course of context establishment. GSS_Init_sec_context() returns an
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 4]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    output_token to be passed to the server, and indicates
 | ||
|    GSS_S_CONTINUE_NEEDED status pending completion of the mutual
 | ||
|    authentication sequence. Had mutual_req_flag not been set, the
 | ||
|    initial call to GSS_Init_sec_context() would have returned
 | ||
|    GSS_S_COMPLETE status. The client sends the output_token to the
 | ||
|    server.
 | ||
| 
 | ||
|    The server passes the received token as the input_token parameter to
 | ||
|    GSS_Accept_sec_context().  GSS_Accept_sec_context indicates
 | ||
|    GSS_S_COMPLETE status, provides the client's authenticated identity
 | ||
|    in the src_name result, and provides an output_token to be passed to
 | ||
|    the client. The server sends the output_token to the client.
 | ||
| 
 | ||
|    The client passes the received token as the input_token parameter to
 | ||
|    a successor call to GSS_Init_sec_context(), which processes data
 | ||
|    included in the token in order to achieve mutual authentication from
 | ||
|    the client's viewpoint. This call to GSS_Init_sec_context() returns
 | ||
|    GSS_S_COMPLETE status, indicating successful mutual authentication
 | ||
|    and the completion of context establishment for this example.
 | ||
| 
 | ||
|    The client generates a data message and passes it to GSS_Wrap().
 | ||
|    GSS_Wrap() performs data origin authentication, data integrity, and
 | ||
|    (optionally) confidentiality processing on the message and
 | ||
|    encapsulates the result into output_message, indicating
 | ||
|    GSS_S_COMPLETE status. The client sends the output_message to the
 | ||
|    server.
 | ||
| 
 | ||
|    The server passes the received message to GSS_Unwrap().  GSS_Unwrap()
 | ||
|    inverts the encapsulation performed by GSS_Wrap(), deciphers the
 | ||
|    message if the optional confidentiality feature was applied, and
 | ||
|    validates the data origin authentication and data integrity checking
 | ||
|    quantities. GSS_Unwrap() indicates successful validation by returning
 | ||
|    GSS_S_COMPLETE status along with the resultant output_message.
 | ||
| 
 | ||
|    For purposes of this example, we assume that the server knows by
 | ||
|    out-of-band means that this context will have no further use after
 | ||
|    one protected message is transferred from client to server. Given
 | ||
|    this premise, the server now calls GSS_Delete_sec_context() to flush
 | ||
|    context-level information.  Optionally, the server-side application
 | ||
|    may provide a token buffer to GSS_Delete_sec_context(), to receive a
 | ||
|    context_token to be transferred to the client in order to request
 | ||
|    that client-side context-level information be deleted.
 | ||
| 
 | ||
|    If a context_token is transferred, the client passes the
 | ||
|    context_token to GSS_Process_context_token(), which returns
 | ||
|    GSS_S_COMPLETE status after deleting context-level information at the
 | ||
|    client system.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 5]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    The GSS-API design assumes and addresses several basic goals,
 | ||
|    including:
 | ||
| 
 | ||
|       Mechanism independence: The GSS-API defines an interface to
 | ||
|       cryptographically implemented strong authentication and other
 | ||
|       security services at a generic level which is independent of
 | ||
|       particular underlying mechanisms. For example, GSS-API-provided
 | ||
|       services have been implemented using secret-key technologies
 | ||
|       (e.g., Kerberos, per [RFC-1964]) and with public-key approaches
 | ||
|       (e.g., SPKM, per [RFC-2025]).
 | ||
| 
 | ||
|       Protocol environment independence: The GSS-API is independent of
 | ||
|       the communications protocol suites with which it is employed,
 | ||
|       permitting use in a broad range of protocol environments. In
 | ||
|       appropriate environments, an intermediate implementation "veneer"
 | ||
|       which is oriented to a particular communication protocol may be
 | ||
|       interposed between applications which call that protocol and the
 | ||
|       GSS-API (e.g., as defined in [RFC-2203] for Open Network Computing
 | ||
|       Remote Procedure Call (RPC)), thereby invoking GSS-API facilities
 | ||
|       in conjunction with that protocol's communications invocations.
 | ||
| 
 | ||
|       Protocol association independence: The GSS-API's security context
 | ||
|       construct is independent of communications protocol association
 | ||
|       constructs. This characteristic allows a single GSS-API
 | ||
|       implementation to be utilized by a variety of invoking protocol
 | ||
|       modules on behalf of those modules' calling applications. GSS-API
 | ||
|       services can also be invoked directly by applications, wholly
 | ||
|       independent of protocol associations.
 | ||
| 
 | ||
|       Suitability to a range of implementation placements: GSS-API
 | ||
|       clients are not constrained to reside within any Trusted Computing
 | ||
|       Base (TCB) perimeter defined on a system where the GSS-API is
 | ||
|       implemented; security services are specified in a manner suitable
 | ||
|       to both intra-TCB and extra-TCB callers.
 | ||
| 
 | ||
| 1.1: GSS-API Constructs
 | ||
| 
 | ||
|    This section describes the basic elements comprising the GSS-API.
 | ||
| 
 | ||
| 1.1.1:  Credentials
 | ||
| 
 | ||
| 1.1.1.1: Credential Constructs and Concepts
 | ||
| 
 | ||
|    Credentials provide the prerequisites which permit GSS-API peers to
 | ||
|    establish security contexts with each other. A caller may designate
 | ||
|    that the credential elements which are to be applied for context
 | ||
|    initiation or acceptance be selected by default.  Alternately, those
 | ||
|    GSS-API callers which need to make explicit selection of particular
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 6]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    credentials structures may make references to those credentials
 | ||
|    through GSS-API-provided credential handles ("cred_handles").  In all
 | ||
|    cases, callers' credential references are indirect, mediated by GSS-
 | ||
|    API implementations and not requiring callers to access the selected
 | ||
|    credential elements.
 | ||
| 
 | ||
|    A single credential structure may be used to initiate outbound
 | ||
|    contexts and to accept inbound contexts. Callers needing to operate
 | ||
|    in only one of these modes may designate this fact when credentials
 | ||
|    are acquired for use, allowing underlying mechanisms to optimize
 | ||
|    their processing and storage requirements. The credential elements
 | ||
|    defined by a particular mechanism may contain multiple cryptographic
 | ||
|    keys, e.g., to enable authentication and message encryption to be
 | ||
|    performed with different algorithms.
 | ||
| 
 | ||
|    A GSS-API credential structure may contain multiple credential
 | ||
|    elements, each containing mechanism-specific information for a
 | ||
|    particular underlying mechanism (mech_type), but the set of elements
 | ||
|    within a given credential structure represent a common entity.  A
 | ||
|    credential structure's contents will vary depending on the set of
 | ||
|    mech_types supported by a particular GSS-API implementation. Each
 | ||
|    credential element identifies the data needed by its mechanism in
 | ||
|    order to establish contexts on behalf of a particular principal, and
 | ||
|    may contain separate credential references for use in context
 | ||
|    initiation and context acceptance.  Multiple credential elements
 | ||
|    within a given credential having overlapping combinations of
 | ||
|    mechanism, usage mode, and validity period are not permitted.
 | ||
| 
 | ||
|    Commonly, a single mech_type will be used for all security contexts
 | ||
|    established by a particular initiator to a particular target. A major
 | ||
|    motivation for supporting credential sets representing multiple
 | ||
|    mech_types is to allow initiators on systems which are equipped to
 | ||
|    handle multiple types to initiate contexts to targets on other
 | ||
|    systems which can accommodate only a subset of the set supported at
 | ||
|    the initiator's system.
 | ||
| 
 | ||
| 1.1.1.2: Credential Management
 | ||
| 
 | ||
|    It is the responsibility of underlying system-specific mechanisms and
 | ||
|    OS functions below the GSS-API to ensure that the ability to acquire
 | ||
|    and use credentials associated with a given identity is constrained
 | ||
|    to appropriate processes within a system. This responsibility should
 | ||
|    be taken seriously by implementors, as the ability for an entity to
 | ||
|    utilize a principal's credentials is equivalent to the entity's
 | ||
|    ability to successfully assert that principal's identity.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 7]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Once a set of GSS-API credentials is established, the transferability
 | ||
|    of that credentials set to other processes or analogous constructs
 | ||
|    within a system is a local matter, not defined by the GSS-API. An
 | ||
|    example local policy would be one in which any credentials received
 | ||
|    as a result of login to a given user account, or of delegation of
 | ||
|    rights to that account, are accessible by, or transferable to,
 | ||
|    processes running under that account.
 | ||
| 
 | ||
|    The credential establishment process (particularly when performed on
 | ||
|    behalf of users rather than server processes) is likely to require
 | ||
|    access to passwords or other quantities which should be protected
 | ||
|    locally and exposed for the shortest time possible. As a result, it
 | ||
|    will often be appropriate for preliminary credential establishment to
 | ||
|    be performed through local means at user login time, with the
 | ||
|    result(s) cached for subsequent reference. These preliminary
 | ||
|    credentials would be set aside (in a system-specific fashion) for
 | ||
|    subsequent use, either:
 | ||
| 
 | ||
|       to be accessed by an invocation of the GSS-API GSS_Acquire_cred()
 | ||
|       call, returning an explicit handle to reference that credential
 | ||
| 
 | ||
|       to comprise default credential elements to be installed, and to be
 | ||
|       used when default credential behavior is requested on behalf of a
 | ||
|       process
 | ||
| 
 | ||
| 1.1.1.3: Default Credential Resolution
 | ||
| 
 | ||
|    The GSS_Init_sec_context() and GSS_Accept_sec_context() routines
 | ||
|    allow the value GSS_C_NO_CREDENTIAL to be specified as their
 | ||
|    credential handle parameter.  This special credential handle
 | ||
|    indicates a desire by the application to act as a default principal.
 | ||
|    In support of application portability, support for the default
 | ||
|    resolution behavior described below for initiator credentials
 | ||
|    (GSS_Init_sec_context() usage) is mandated; support for the default
 | ||
|    resolution behavior described below for acceptor credentials
 | ||
|    (GSS_Accept_sec_context() usage) is recommended. If default
 | ||
|    credential resolution fails, GSS_S_NO_CRED status is to be returned.
 | ||
| 
 | ||
|       GSS_Init_sec_context:
 | ||
| 
 | ||
|          (i) If there is only a single principal capable of initiating
 | ||
|          security contexts that the application is authorized to act on
 | ||
|          behalf of, then that principal shall be used, otherwise
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 8]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|          (ii) If the platform maintains a concept of a default network-
 | ||
|          identity, and if the application is authorized to act on behalf
 | ||
|          of that identity for the purpose of initiating security
 | ||
|          contexts, then the principal corresponding to that identity
 | ||
|          shall be used, otherwise
 | ||
| 
 | ||
|          (iii) If the platform maintains a concept of a default local
 | ||
|          identity, and provides a means to map local identities into
 | ||
|          network-identities, and if the application is authorized to act
 | ||
|          on behalf of the network-identity image of the default local
 | ||
|          identity for the purpose of initiating security contexts, then
 | ||
|          the principal corresponding to that identity shall be used,
 | ||
|          otherwise
 | ||
| 
 | ||
|          (iv) A user-configurable default identity should be used.
 | ||
| 
 | ||
|       GSS_Accept_sec_context:
 | ||
| 
 | ||
|          (i) If there is only a single authorized principal identity
 | ||
|          capable of accepting security contexts, then that principal
 | ||
|          shall be used, otherwise
 | ||
| 
 | ||
|          (ii) If the mechanism can determine the identity of the target
 | ||
|          principal by examining the context-establishment token, and if
 | ||
|          the accepting application is authorized to act as that
 | ||
|          principal for the purpose of accepting security contexts, then
 | ||
|          that principal identity shall be used, otherwise
 | ||
| 
 | ||
|          (iii) If the mechanism supports context acceptance by any
 | ||
|          principal, and mutual authentication was not requested, any
 | ||
|          principal that the application is authorized to accept security
 | ||
|          contexts under may be used, otherwise
 | ||
| 
 | ||
|          (iv) A user-configurable default identity shall be used.
 | ||
| 
 | ||
|    The purpose of the above rules is to allow security contexts to be
 | ||
|    established by both initiator and acceptor using the default behavior
 | ||
|    wherever possible.  Applications requesting default behavior are
 | ||
|    likely to be more portable across mechanisms and platforms than those
 | ||
|    that use GSS_Acquire_cred() to request a specific identity.
 | ||
| 
 | ||
| 1.1.2: Tokens
 | ||
| 
 | ||
|    Tokens are data elements transferred between GSS-API callers, and are
 | ||
|    divided into two classes. Context-level tokens are exchanged in order
 | ||
|    to establish and manage a security context between peers. Per-message
 | ||
|    tokens relate to an established context and are exchanged to provide
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                     [Page 9]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    protective security services (i.e., data origin authentication,
 | ||
|    integrity, and optional confidentiality) for corresponding data
 | ||
|    messages.
 | ||
| 
 | ||
|    The first context-level token obtained from GSS_Init_sec_context() is
 | ||
|    required to indicate at its very beginning a globally-interpretable
 | ||
|    mechanism identifier, i.e., an Object Identifier (OID) of the
 | ||
|    security mechanism. The remaining part of this token as well as the
 | ||
|    whole content of all other tokens are specific to the particular
 | ||
|    underlying mechanism used to support the GSS-API. Section 3.1 of this
 | ||
|    document provides, for designers of GSS-API mechanisms, the
 | ||
|    description of the header of the first context-level token which is
 | ||
|    then followed by mechanism-specific information.
 | ||
| 
 | ||
|    Tokens' contents are opaque from the viewpoint of GSS-API callers.
 | ||
|    They are generated within the GSS-API implementation at an end
 | ||
|    system, provided to a GSS-API caller to be transferred to the peer
 | ||
|    GSS-API caller at a remote end system, and processed by the GSS-API
 | ||
|    implementation at that remote end system.
 | ||
| 
 | ||
|    Context-level tokens may be output by GSS-API calls (and should be
 | ||
|    transferred to GSS-API peers) whether or not the calls' status
 | ||
|    indicators indicate successful completion.  Per-message tokens, in
 | ||
|    contrast, are to be returned only upon successful completion of per-
 | ||
|    message calls. Zero-length tokens are never returned by GSS routines
 | ||
|    for transfer to a peer. Token transfer may take place in an in-band
 | ||
|    manner, integrated into the same protocol stream used by the GSS-API
 | ||
|    callers for other data transfers, or in an out-of-band manner across
 | ||
|    a logically separate channel.
 | ||
| 
 | ||
|    Different GSS-API tokens are used for different purposes (e.g.,
 | ||
|    context initiation, context acceptance, protected message data on an
 | ||
|    established context), and it is the responsibility of a GSS-API
 | ||
|    caller receiving tokens to distinguish their types, associate them
 | ||
|    with corresponding security contexts, and pass them to appropriate
 | ||
|    GSS-API processing routines.  Depending on the caller protocol
 | ||
|    environment, this distinction may be accomplished in several ways.
 | ||
| 
 | ||
|    The following examples illustrate means through which tokens' types
 | ||
|    may be distinguished:
 | ||
| 
 | ||
|       - implicit tagging based on state information (e.g., all tokens on
 | ||
|       a new association are considered to be context establishment
 | ||
|       tokens until context establishment is completed, at which point
 | ||
|       all tokens are considered to be wrapped data objects for that
 | ||
|       context),
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 10]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       - explicit tagging at the caller protocol level,
 | ||
| 
 | ||
|       - a hybrid of these approaches.
 | ||
| 
 | ||
|    Commonly, the encapsulated data within a token includes internal
 | ||
|    mechanism-specific tagging information, enabling mechanism-level
 | ||
|    processing modules to distinguish tokens used within the mechanism
 | ||
|    for different purposes.  Such internal mechanism-level tagging is
 | ||
|    recommended to mechanism designers, and enables mechanisms to
 | ||
|    determine whether a caller has passed a particular token for
 | ||
|    processing by an inappropriate GSS-API routine.
 | ||
| 
 | ||
|    Development of GSS-API mechanisms based on a particular underlying
 | ||
|    cryptographic technique and protocol (i.e., conformant to a specific
 | ||
|    GSS-API mechanism definition) does not necessarily imply that GSS-API
 | ||
|    callers using that GSS-API mechanism will be able to interoperate
 | ||
|    with peers invoking the same technique and protocol outside the GSS-
 | ||
|    API paradigm, or with peers implementing a different GSS-API
 | ||
|    mechanism based on the same underlying technology.  The format of
 | ||
|    GSS-API tokens defined in conjunction with a particular mechanism,
 | ||
|    and the techniques used to integrate those tokens into callers'
 | ||
|    protocols, may not be interoperable with the tokens used by non-GSS-
 | ||
|    API callers of the same underlying technique.
 | ||
| 
 | ||
| 1.1.3:  Security Contexts
 | ||
| 
 | ||
|    Security contexts are established between peers, using credentials
 | ||
|    established locally in conjunction with each peer or received by
 | ||
|    peers via delegation. Multiple contexts may exist simultaneously
 | ||
|    between a pair of peers, using the same or different sets of
 | ||
|    credentials. Coexistence of multiple contexts using different
 | ||
|    credentials allows graceful rollover when credentials expire.
 | ||
|    Distinction among multiple contexts based on the same credentials
 | ||
|    serves applications by distinguishing different message streams in a
 | ||
|    security sense.
 | ||
| 
 | ||
|    The GSS-API is independent of underlying protocols and addressing
 | ||
|    structure, and depends on its callers to transport GSS-API-provided
 | ||
|    data elements. As a result of these factors, it is a caller
 | ||
|    responsibility to parse communicated messages, separating GSS-API-
 | ||
|    related data elements from caller-provided data.  The GSS-API is
 | ||
|    independent of connection vs. connectionless orientation of the
 | ||
|    underlying communications service.
 | ||
| 
 | ||
|    No correlation between security context and communications protocol
 | ||
|    association is dictated. (The optional channel binding facility,
 | ||
|    discussed in Section 1.1.6 of this document, represents an
 | ||
|    intentional exception to this rule, supporting additional protection
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 11]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    features within GSS-API supporting mechanisms.) This separation
 | ||
|    allows the GSS-API to be used in a wide range of communications
 | ||
|    environments, and also simplifies the calling sequences of the
 | ||
|    individual calls. In many cases (depending on underlying security
 | ||
|    protocol, associated mechanism, and availability of cached
 | ||
|    information), the state information required for context setup can be
 | ||
|    sent concurrently with initial signed user data, without interposing
 | ||
|    additional message exchanges.  Messages may be protected and
 | ||
|    transferred in both directions on an established GSS-API security
 | ||
|    context concurrently; protection of messages in one direction does
 | ||
|    not interfere with protection of messages in the reverse direction.
 | ||
| 
 | ||
|    GSS-API implementations are expected to retain inquirable context
 | ||
|    data on a context until the context is released by a caller, even
 | ||
|    after the context has expired, although underlying cryptographic data
 | ||
|    elements may be deleted after expiration in order to limit their
 | ||
|    exposure.
 | ||
| 
 | ||
| 1.1.4:  Mechanism Types
 | ||
| 
 | ||
|    In order to successfully establish a security context with a target
 | ||
|    peer, it is necessary to identify an appropriate underlying mechanism
 | ||
|    type (mech_type) which both initiator and target peers support. The
 | ||
|    definition of a mechanism embodies not only the use of a particular
 | ||
|    cryptographic technology (or a hybrid or choice among alternative
 | ||
|    cryptographic technologies), but also definition of the syntax and
 | ||
|    semantics of data element exchanges which that mechanism will employ
 | ||
|    in order to support security services.
 | ||
| 
 | ||
|    It is recommended that callers initiating contexts specify the
 | ||
|    "default" mech_type value, allowing system-specific functions within
 | ||
|    or invoked by the GSS-API implementation to select the appropriate
 | ||
|    mech_type, but callers may direct that a particular mech_type be
 | ||
|    employed when necessary.
 | ||
| 
 | ||
|    For GSS-API purposes, the phrase "negotiating mechanism" refers to a
 | ||
|    mechanism which itself performs negotiation in order to select a
 | ||
|    concrete mechanism which is shared between peers and is then used for
 | ||
|    context establishment.  Only those mechanisms which are defined in
 | ||
|    their specifications as negotiating mechanisms are to yield selected
 | ||
|    mechanisms with different identifier values than the value which is
 | ||
|    input by a GSS-API caller, except for the case of a caller requesting
 | ||
|    the "default" mech_type.
 | ||
| 
 | ||
|    The means for identifying a shared mech_type to establish a security
 | ||
|    context with a peer will vary in different environments and
 | ||
|    circumstances; examples include (but are not limited to):
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 12]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       use of a fixed mech_type, defined by configuration, within an
 | ||
|       environment
 | ||
| 
 | ||
|       syntactic convention on a target-specific basis, through
 | ||
|       examination of a target's name lookup of a target's name in a
 | ||
|       naming service or other database in order to identify mech_types
 | ||
|       supported by that target
 | ||
| 
 | ||
|       explicit negotiation between GSS-API callers in advance of
 | ||
|       security context setup
 | ||
| 
 | ||
|       use of a negotiating mechanism
 | ||
| 
 | ||
|    When transferred between GSS-API peers, mech_type specifiers (per
 | ||
|    Section 3 of this document, represented as Object Identifiers (OIDs))
 | ||
|    serve to qualify the interpretation of associated tokens. (The
 | ||
|    structure and encoding of Object Identifiers is defined in [ISOIEC-
 | ||
|    8824] and [ISOIEC-8825].) Use of hierarchically structured OIDs
 | ||
|    serves to preclude ambiguous interpretation of mech_type specifiers.
 | ||
|    The OID representing the DASS ([RFC-1507]) MechType, for example, is
 | ||
|    1.3.12.2.1011.7.5, and that of the Kerberos V5 mechanism ([RFC-
 | ||
|    1964]), having been advanced to the level of Proposed Standard, is
 | ||
|    1.2.840.113554.1.2.2.
 | ||
| 
 | ||
| 1.1.5:  Naming
 | ||
| 
 | ||
|    The GSS-API avoids prescribing naming structures, treating the names
 | ||
|    which are transferred across the interface in order to initiate and
 | ||
|    accept security contexts as opaque objects.  This approach supports
 | ||
|    the GSS-API's goal of implementability atop a range of underlying
 | ||
|    security mechanisms, recognizing the fact that different mechanisms
 | ||
|    process and authenticate names which are presented in different
 | ||
|    forms. Generalized services offering translation functions among
 | ||
|    arbitrary sets of naming environments are outside the scope of the
 | ||
|    GSS-API; availability and use of local conversion functions to
 | ||
|    translate among the naming formats supported within a given end
 | ||
|    system is anticipated.
 | ||
| 
 | ||
|    Different classes of name representations are used in conjunction
 | ||
|    with different GSS-API parameters:
 | ||
| 
 | ||
|       - Internal form (denoted in this document by INTERNAL NAME),
 | ||
|       opaque to callers and defined by individual GSS-API
 | ||
|       implementations.  GSS-API implementations supporting multiple
 | ||
|       namespace types must maintain internal tags to disambiguate the
 | ||
|       interpretation of particular names.  A Mechanism Name (MN) is a
 | ||
|       special case of INTERNAL NAME, guaranteed to contain elements
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 13]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       corresponding to one and only one mechanism; calls which are
 | ||
|       guaranteed to emit MNs or which require MNs as input are so
 | ||
|       identified within this specification.
 | ||
| 
 | ||
|       - Contiguous string ("flat") form (denoted in this document by
 | ||
|       OCTET STRING); accompanied by OID tags identifying the namespace
 | ||
|       to which they correspond.  Depending on tag value, flat names may
 | ||
|       or may not be printable strings for direct acceptance from and
 | ||
|       presentation to users. Tagging of flat names allows GSS-API
 | ||
|       callers and underlying GSS-API mechanisms to disambiguate name
 | ||
|       types and to determine whether an associated name's type is one
 | ||
|       which they are capable of processing, avoiding aliasing problems
 | ||
|       which could result from misinterpreting a name of one type as a
 | ||
|       name of another type.
 | ||
| 
 | ||
|       - The GSS-API Exported Name Object, a special case of flat name
 | ||
|       designated by a reserved OID value, carries a canonicalized form
 | ||
|       of a name suitable for binary comparisons.
 | ||
| 
 | ||
|    In addition to providing means for names to be tagged with types,
 | ||
|    this specification defines primitives to support a level of naming
 | ||
|    environment independence for certain calling applications. To provide
 | ||
|    basic services oriented towards the requirements of callers which
 | ||
|    need not themselves interpret the internal syntax and semantics of
 | ||
|    names, GSS-API calls for name comparison (GSS_Compare_name()),
 | ||
|    human-readable display (GSS_Display_name()), input conversion
 | ||
|    (GSS_Import_name()), internal name deallocation (GSS_Release_name()),
 | ||
|    and internal name duplication (GSS_Duplicate_name()) functions are
 | ||
|    defined. (It is anticipated that these proposed GSS-API calls will be
 | ||
|    implemented in many end systems based on system-specific name
 | ||
|    manipulation primitives already extant within those end systems;
 | ||
|    inclusion within the GSS-API is intended to offer GSS-API callers a
 | ||
|    portable means to perform specific operations, supportive of
 | ||
|    authorization and audit requirements, on authenticated names.)
 | ||
| 
 | ||
|    GSS_Import_name() implementations can, where appropriate, support
 | ||
|    more than one printable syntax corresponding to a given namespace
 | ||
|    (e.g., alternative printable representations for X.500 Distinguished
 | ||
|    Names), allowing flexibility for their callers to select among
 | ||
|    alternative representations. GSS_Display_name() implementations
 | ||
|    output a printable syntax selected as appropriate to their
 | ||
|    operational environments; this selection is a local matter. Callers
 | ||
|    desiring portability across alternative printable syntaxes should
 | ||
|    refrain from implementing comparisons based on printable name forms
 | ||
|    and should instead use the GSS_Compare_name()  call to determine
 | ||
|    whether or not one internal-format name matches another.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 14]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    When used in large access control lists, the overhead of invoking
 | ||
|    GSS_Import_name() and GSS_Compare_name() on each name from the ACL
 | ||
|    may be prohibitive.  As an alternative way of supporting this case,
 | ||
|    GSS-API defines a special form of the contiguous string name which
 | ||
|    may be compared directly (e.g., with memcmp()).  Contiguous names
 | ||
|    suitable for comparison are generated by the GSS_Export_name()
 | ||
|    routine, which requires an MN as input.  Exported names may be re-
 | ||
|    imported by the GSS_Import_name() routine, and the resulting internal
 | ||
|    name will also be an MN.  The symbolic constant GSS_C_NT_EXPORT_NAME
 | ||
|    identifies the "export name" type. Structurally, an exported name
 | ||
|    object consists of a header containing an OID identifying the
 | ||
|    mechanism that authenticated the name, and a trailer containing the
 | ||
|    name itself, where the syntax of the trailer is defined by the
 | ||
|    individual mechanism specification.  The precise format of an
 | ||
|    exported name is defined in Section 3.2 of this specification.
 | ||
| 
 | ||
|    Note that the results obtained by using GSS_Compare_name() will in
 | ||
|    general be different from those obtained by invoking
 | ||
|    GSS_Canonicalize_name() and GSS_Export_name(), and then comparing the
 | ||
|    exported names.  The first series of operations determines whether
 | ||
|    two (unauthenticated) names identify the same principal; the second
 | ||
|    whether a particular mechanism would authenticate them as the same
 | ||
|    principal.  These two operations will in general give the same
 | ||
|    results only for MNs.
 | ||
| 
 | ||
|    The following diagram illustrates the intended dataflow among name-
 | ||
|    related GSS-API processing routines.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 15]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|                         GSS-API library defaults
 | ||
|                                |
 | ||
|                                |
 | ||
|                                V                         text, for
 | ||
|    text -------------->  internal_name (IN) -----------> display only
 | ||
|          import_name()          /          display_name()
 | ||
|                                /
 | ||
|                               /
 | ||
|                              /
 | ||
|     accept_sec_context()    /
 | ||
|           |                /
 | ||
|           |               /
 | ||
|           |              /  canonicalize_name()
 | ||
|           |             /
 | ||
|           |            /
 | ||
|           |           /
 | ||
|           |          /
 | ||
|           |         /
 | ||
|           |        |
 | ||
|           V        V     <---------------------
 | ||
|     single mechanism        import_name()         exported name: flat
 | ||
|     internal_name (MN)                            binary "blob" usable
 | ||
|                          ---------------------->  for access control
 | ||
|                             export_name()
 | ||
| 
 | ||
| 1.1.6:  Channel Bindings
 | ||
| 
 | ||
|    The GSS-API accommodates the concept of caller-provided channel
 | ||
|    binding ("chan_binding") information.  Channel bindings are used to
 | ||
|    strengthen the quality with which peer entity authentication is
 | ||
|    provided during context establishment, by limiting the scope within
 | ||
|    which an intercepted context establishment token can be reused by an
 | ||
|    attacker. Specifically, they enable GSS-API callers to bind the
 | ||
|    establishment of a security context to relevant characteristics
 | ||
|    (e.g., addresses, transformed representations of encryption keys) of
 | ||
|    the underlying communications channel, of protection mechanisms
 | ||
|    applied to that communications channel, and to application-specific
 | ||
|    data.
 | ||
| 
 | ||
|    The caller initiating a security context must determine the
 | ||
|    appropriate channel binding values to provide as input to the
 | ||
|    GSS_Init_sec_context() call, and consistent values must be provided
 | ||
|    to GSS_Accept_sec_context() by the context's target, in order for
 | ||
|    both peers' GSS-API mechanisms to validate that received tokens
 | ||
|    possess correct channel-related characteristics. Use or non-use of
 | ||
|    the GSS-API channel binding facility is a caller option.  GSS-API
 | ||
|    mechanisms can operate in an environment where NULL channel bindings
 | ||
|    are presented; mechanism implementors are encouraged, but not
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 16]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    required, to make use of caller-provided channel binding data within
 | ||
|    their mechanisms. Callers should not assume that underlying
 | ||
|    mechanisms provide confidentiality protection for channel binding
 | ||
|    information.
 | ||
| 
 | ||
|    When non-NULL channel bindings are provided by callers, certain
 | ||
|    mechanisms can offer enhanced security value by interpreting the
 | ||
|    bindings' content (rather than simply representing those bindings, or
 | ||
|    integrity check values computed on them, within tokens) and will
 | ||
|    therefore depend on presentation of specific data in a defined
 | ||
|    format. To this end, agreements among mechanism implementors are
 | ||
|    defining conventional interpretations for the contents of channel
 | ||
|    binding arguments, including address specifiers (with content
 | ||
|    dependent on communications protocol environment) for context
 | ||
|    initiators and acceptors. (These conventions are being incorporated
 | ||
|    in GSS-API mechanism specifications and into the GSS-API C language
 | ||
|    bindings specification.) In order for GSS-API callers to be portable
 | ||
|    across multiple mechanisms and achieve the full security
 | ||
|    functionality which each mechanism can provide, it is strongly
 | ||
|    recommended that GSS-API callers provide channel bindings consistent
 | ||
|    with these conventions and those of the networking environment in
 | ||
|    which they operate.
 | ||
| 
 | ||
| 1.2:  GSS-API Features and Issues
 | ||
| 
 | ||
|    This section describes aspects of GSS-API operations, of the security
 | ||
|    services which the GSS-API provides, and provides commentary on
 | ||
|    design issues.
 | ||
| 
 | ||
| 1.2.1:  Status Reporting and Optional Service Support
 | ||
| 
 | ||
| 1.2.1.1: Status Reporting
 | ||
| 
 | ||
|    Each GSS-API call provides two status return values. Major_status
 | ||
|    values provide a mechanism-independent indication of call status
 | ||
|    (e.g., GSS_S_COMPLETE, GSS_S_FAILURE, GSS_S_CONTINUE_NEEDED),
 | ||
|    sufficient to drive normal control flow within the caller in a
 | ||
|    generic fashion. Table 1 summarizes the defined major_status return
 | ||
|    codes in tabular fashion.
 | ||
| 
 | ||
|    Sequencing-related informatory major_status codes
 | ||
|    (GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, and
 | ||
|    GSS_S_GAP_TOKEN) can be indicated in conjunction with either
 | ||
|    GSS_S_COMPLETE or GSS_S_FAILURE status for GSS-API per-message calls.
 | ||
|    For context establishment calls, these sequencing-related codes will
 | ||
|    be indicated only in conjunction with GSS_S_FAILURE status (never in
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 17]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    conjunction with GSS_S_COMPLETE or GSS_S_CONTINUE_NEEDED), and,
 | ||
|    therefore, always correspond to fatal failures if encountered during
 | ||
|    the context establishment phase.
 | ||
| 
 | ||
|    Table 1: GSS-API Major Status Codes
 | ||
| 
 | ||
|    FATAL ERROR CODES
 | ||
| 
 | ||
|    GSS_S_BAD_BINDINGS            channel binding mismatch
 | ||
|    GSS_S_BAD_MECH                unsupported mechanism requested
 | ||
|    GSS_S_BAD_NAME                invalid name provided
 | ||
|    GSS_S_BAD_NAMETYPE            name of unsupported type provided
 | ||
|    GSS_S_BAD_STATUS              invalid input status selector
 | ||
|    GSS_S_BAD_SIG                 token had invalid integrity check
 | ||
|    GSS_S_BAD_MIC                   preferred alias for GSS_S_BAD_SIG
 | ||
|    GSS_S_CONTEXT_EXPIRED         specified security context expired
 | ||
|    GSS_S_CREDENTIALS_EXPIRED     expired credentials detected
 | ||
|    GSS_S_DEFECTIVE_CREDENTIAL    defective credential detected
 | ||
|    GSS_S_DEFECTIVE_TOKEN         defective token detected
 | ||
|    GSS_S_FAILURE                 failure, unspecified at GSS-API
 | ||
|                                    level
 | ||
|    GSS_S_NO_CONTEXT              no valid security context specified
 | ||
|    GSS_S_NO_CRED                 no valid credentials provided
 | ||
|    GSS_S_BAD_QOP                 unsupported QOP value
 | ||
|    GSS_S_UNAUTHORIZED            operation unauthorized
 | ||
|    GSS_S_UNAVAILABLE             operation unavailable
 | ||
|    GSS_S_DUPLICATE_ELEMENT       duplicate credential element requested
 | ||
|    GSS_S_NAME_NOT_MN             name contains multi-mechanism elements
 | ||
| 
 | ||
|    INFORMATORY STATUS CODES
 | ||
| 
 | ||
|    GSS_S_COMPLETE                normal completion
 | ||
|    GSS_S_CONTINUE_NEEDED         continuation call to routine
 | ||
|                                   required
 | ||
|    GSS_S_DUPLICATE_TOKEN         duplicate per-message token
 | ||
|                                   detected
 | ||
|    GSS_S_OLD_TOKEN               timed-out per-message token
 | ||
|                                   detected
 | ||
|    GSS_S_UNSEQ_TOKEN             reordered (early) per-message token
 | ||
|                                   detected
 | ||
|    GSS_S_GAP_TOKEN               skipped predecessor token(s)
 | ||
|                                   detected
 | ||
| 
 | ||
|    Minor_status provides more detailed status information which may
 | ||
|    include status codes specific to the underlying security mechanism.
 | ||
|    Minor_status values are not specified in this document.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 18]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    GSS_S_CONTINUE_NEEDED major_status returns, and optional message
 | ||
|    outputs, are provided in GSS_Init_sec_context() and
 | ||
|    GSS_Accept_sec_context() calls so that different mechanisms'
 | ||
|    employment of different numbers of messages within their
 | ||
|    authentication sequences need not be reflected in separate code paths
 | ||
|    within calling applications. Instead, such cases are accommodated
 | ||
|    with sequences of continuation calls to GSS_Init_sec_context()  and
 | ||
|    GSS_Accept_sec_context().  The same facility is used to encapsulate
 | ||
|    mutual authentication within the GSS-API's context initiation calls.
 | ||
| 
 | ||
|    For mech_types which require interactions with third-party servers in
 | ||
|    order to establish a security context, GSS-API context establishment
 | ||
|    calls may block pending completion of such third-party interactions.
 | ||
|    On the other hand, no GSS-API calls pend on serialized interactions
 | ||
|    with GSS-API peer entities.  As a result, local GSS-API status
 | ||
|    returns cannot reflect unpredictable or asynchronous exceptions
 | ||
|    occurring at remote peers, and reflection of such status information
 | ||
|    is a caller responsibility outside the GSS-API.
 | ||
| 
 | ||
| 1.2.1.2: Optional Service Support
 | ||
| 
 | ||
|    A context initiator may request various optional services at context
 | ||
|    establishment time. Each of these services is requested by setting a
 | ||
|    flag in the req_flags input parameter to GSS_Init_sec_context().
 | ||
| 
 | ||
|    The optional services currently defined are:
 | ||
| 
 | ||
|       - Delegation - The (usually temporary) transfer of rights from
 | ||
|       initiator to acceptor, enabling the acceptor to authenticate
 | ||
|       itself as an agent of the initiator.
 | ||
| 
 | ||
|       - Mutual Authentication - In addition to the initiator
 | ||
|       authenticating its identity to the context acceptor, the context
 | ||
|       acceptor should also authenticate itself to the initiator.
 | ||
| 
 | ||
|       - Replay detection - In addition to providing message integrity
 | ||
|       services, GSS_GetMIC() and GSS_Wrap() should include message
 | ||
|       numbering information to enable GSS_VerifyMIC() and GSS_Unwrap()
 | ||
|       to detect if a message has been duplicated.
 | ||
| 
 | ||
|       - Out-of-sequence detection - In addition to providing message
 | ||
|       integrity services, GSS_GetMIC() and GSS_Wrap() should include
 | ||
|       message sequencing information to enable GSS_VerifyMIC() and
 | ||
|       GSS_Unwrap() to detect if a message has been received out of
 | ||
|       sequence.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 19]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       - Anonymous authentication - The establishment of the security
 | ||
|       context should not reveal the initiator's identity to the context
 | ||
|       acceptor.
 | ||
| 
 | ||
|       - Available per-message confidentiality - requests that per-
 | ||
|       message confidentiality services be available on the context.
 | ||
| 
 | ||
|       - Available per-message integrity - requests that per-message
 | ||
|       integrity services be available on the context.
 | ||
| 
 | ||
|    Any currently undefined bits within such flag arguments should be
 | ||
|    ignored by GSS-API implementations when presented by an application,
 | ||
|    and should be set to zero when returned to the application by the
 | ||
|    GSS-API implementation.
 | ||
| 
 | ||
|    Some mechanisms may not support all optional services, and some
 | ||
|    mechanisms may only support some services in conjunction with others.
 | ||
|    Both GSS_Init_sec_context() and GSS_Accept_sec_context() inform the
 | ||
|    applications which services will be available from the context when
 | ||
|    the establishment phase is complete, via the ret_flags output
 | ||
|    parameter.  In general, if the security mechanism is capable of
 | ||
|    providing a requested service, it should do so, even if additional
 | ||
|    services must be enabled in order to provide the requested service.
 | ||
|    If the mechanism is incapable of providing a requested service, it
 | ||
|    should proceed without the service, leaving the application to abort
 | ||
|    the context establishment process if it considers the requested
 | ||
|    service to be mandatory.
 | ||
| 
 | ||
|    Some mechanisms may specify that support for some services is
 | ||
|    optional, and that implementors of the mechanism need not provide it.
 | ||
|    This is most commonly true of the confidentiality service, often
 | ||
|    because of legal restrictions on the use of data-encryption, but may
 | ||
|    apply to any of the services.  Such mechanisms are required to send
 | ||
|    at least one token from acceptor to initiator during context
 | ||
|    establishment when the initiator indicates a desire to use such a
 | ||
|    service, so that the initiating GSS-API can correctly indicate
 | ||
|    whether the service is supported by the acceptor's GSS-API.
 | ||
| 
 | ||
| 1.2.2: Per-Message Security Service Availability
 | ||
| 
 | ||
|    When a context is established, two flags are returned to indicate the
 | ||
|    set of per-message protection security services which will be
 | ||
|    available on the context:
 | ||
| 
 | ||
|       the integ_avail flag indicates whether per-message integrity and
 | ||
|       data origin authentication services are available
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 20]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       the conf_avail flag indicates whether per-message confidentiality
 | ||
|       services are available, and will never be returned TRUE unless the
 | ||
|       integ_avail flag is also returned TRUE
 | ||
| 
 | ||
|    GSS-API callers desiring per-message security services should check
 | ||
|    the values of these flags at context establishment time, and must be
 | ||
|    aware that a returned FALSE value for integ_avail means that
 | ||
|    invocation of GSS_GetMIC() or GSS_Wrap() primitives on the associated
 | ||
|    context will apply no cryptographic protection to user data messages.
 | ||
| 
 | ||
|    The GSS-API per-message integrity and data origin authentication
 | ||
|    services provide assurance to a receiving caller that protection was
 | ||
|    applied to a message by the caller's peer on the security context,
 | ||
|    corresponding to the entity named at context initiation.  The GSS-API
 | ||
|    per-message confidentiality service provides assurance to a sending
 | ||
|    caller that the message's content is protected from access by
 | ||
|    entities other than the context's named peer.
 | ||
| 
 | ||
|    The GSS-API per-message protection service primitives, as the
 | ||
|    category name implies, are oriented to operation at the granularity
 | ||
|    of protocol data units. They perform cryptographic operations on the
 | ||
|    data units, transfer cryptographic control information in tokens,
 | ||
|    and, in the case of GSS_Wrap(), encapsulate the protected data unit.
 | ||
|    As such, these primitives are not oriented to efficient data
 | ||
|    protection for stream-paradigm protocols (e.g., Telnet) if
 | ||
|    cryptography must be applied on an octet-by-octet basis.
 | ||
| 
 | ||
| 1.2.3: Per-Message Replay Detection and Sequencing
 | ||
| 
 | ||
|    Certain underlying mech_types offer support for replay detection
 | ||
|    and/or sequencing of messages transferred on the contexts they
 | ||
|    support. These optionally-selectable protection features are distinct
 | ||
|    from replay detection and sequencing features applied to the context
 | ||
|    establishment operation itself; the presence or absence of context-
 | ||
|    level replay or sequencing features is wholly a function of the
 | ||
|    underlying mech_type's capabilities, and is not selected or omitted
 | ||
|    as a caller option.
 | ||
| 
 | ||
|    The caller initiating a context provides flags (replay_det_req_flag
 | ||
|    and sequence_req_flag) to specify whether the use of per-message
 | ||
|    replay detection and sequencing features is desired on the context
 | ||
|    being established. The GSS-API implementation at the initiator system
 | ||
|    can determine whether these features are supported (and whether they
 | ||
|    are optionally selectable) as a function of the selected mechanism,
 | ||
|    without need for bilateral negotiation with the target. When enabled,
 | ||
|    these features provide recipients with indicators as a result of
 | ||
|    GSS-API processing of incoming messages, identifying whether those
 | ||
|    messages were detected as duplicates or out-of-sequence. Detection of
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 21]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    such events does not prevent a suspect message from being provided to
 | ||
|    a recipient; the appropriate course of action on a suspect message is
 | ||
|    a matter of caller policy.
 | ||
| 
 | ||
|    The semantics of the replay detection and sequencing services applied
 | ||
|    to received messages, as visible across the interface which the GSS-
 | ||
|    API provides to its clients, are as follows:
 | ||
| 
 | ||
|    When replay_det_state is TRUE, the possible major_status returns for
 | ||
|    well-formed and correctly signed messages are as follows:
 | ||
| 
 | ||
|       1. GSS_S_COMPLETE, without concurrent indication of
 | ||
|       GSS_S_DUPLICATE_TOKEN or GSS_S_OLD_TOKEN, indicates that the
 | ||
|       message was within the window (of time or sequence space) allowing
 | ||
|       replay events to be detected, and that the message was not a
 | ||
|       replay of a previously-processed message within that window.
 | ||
| 
 | ||
|       2. GSS_S_DUPLICATE_TOKEN indicates that the cryptographic
 | ||
|       checkvalue on the received message was correct, but that the
 | ||
|       message was recognized as a duplicate of a previously-processed
 | ||
|       message.  In addition to identifying duplicated tokens originated
 | ||
|       by a context's peer, this status may also be used to identify
 | ||
|       reflected copies of locally-generated tokens; it is recommended
 | ||
|       that mechanism designers include within their protocols facilities
 | ||
|       to detect and report such tokens.
 | ||
| 
 | ||
|       3. GSS_S_OLD_TOKEN indicates that the cryptographic checkvalue on
 | ||
|       the received message was correct, but that the message is too old
 | ||
|       to be checked for duplication.
 | ||
| 
 | ||
|    When sequence_state is TRUE, the possible major_status returns for
 | ||
|    well-formed and correctly signed messages are as follows:
 | ||
| 
 | ||
|       1. GSS_S_COMPLETE, without concurrent indication of
 | ||
|       GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, or
 | ||
|       GSS_S_GAP_TOKEN, indicates that the message was within the window
 | ||
|       (of time or sequence space) allowing replay events to be detected,
 | ||
|       that the message was not a replay of a previously-processed
 | ||
|       message within that window, and that no predecessor sequenced
 | ||
|       messages are missing relative to the last received message (if
 | ||
|       any) processed on the context with a correct cryptographic
 | ||
|       checkvalue.
 | ||
| 
 | ||
|       2. GSS_S_DUPLICATE_TOKEN indicates that the integrity check value
 | ||
|       on the received message was correct, but that the message was
 | ||
|       recognized as a duplicate of a previously-processed message.  In
 | ||
|       addition to identifying duplicated tokens originated by a
 | ||
|       context's peer, this status may also be used to identify reflected
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 22]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       copies of locally-generated tokens; it is recommended that
 | ||
|       mechanism designers include within their protocols facilities to
 | ||
|       detect and report such tokens.
 | ||
| 
 | ||
|       3. GSS_S_OLD_TOKEN indicates that the integrity check value on the
 | ||
|       received message was correct, but that the token is too old to be
 | ||
|       checked for duplication.
 | ||
| 
 | ||
|       4. GSS_S_UNSEQ_TOKEN indicates that the cryptographic checkvalue
 | ||
|       on the received message was correct, but that it is earlier in a
 | ||
|       sequenced stream than a message already processed on the context.
 | ||
|       [Note: Mechanisms can be architected to provide a stricter form of
 | ||
|       sequencing service, delivering particular messages to recipients
 | ||
|       only after all predecessor messages in an ordered stream have been
 | ||
|       delivered.  This type of support is incompatible with the GSS-API
 | ||
|       paradigm in which recipients receive all messages, whether in
 | ||
|       order or not, and provide them (one at a time, without intra-GSS-
 | ||
|       API message buffering) to GSS-API routines for validation.  GSS-
 | ||
|       API facilities provide supportive functions, aiding clients to
 | ||
|       achieve strict message stream integrity in an efficient manner in
 | ||
|       conjunction with sequencing provisions in communications
 | ||
|       protocols, but the GSS-API does not offer this level of message
 | ||
|       stream integrity service by itself.]
 | ||
| 
 | ||
|       5. GSS_S_GAP_TOKEN indicates that the cryptographic checkvalue on
 | ||
|       the received message was correct, but that one or more predecessor
 | ||
|       sequenced messages have not been successfully processed relative
 | ||
|       to the last received message (if any) processed on the context
 | ||
|       with a correct cryptographic checkvalue.
 | ||
| 
 | ||
|    As the message stream integrity features (especially sequencing) may
 | ||
|    interfere with certain applications' intended communications
 | ||
|    paradigms, and since support for such features is likely to be
 | ||
|    resource intensive, it is highly recommended that mech_types
 | ||
|    supporting these features allow them to be activated selectively on
 | ||
|    initiator request when a context is established. A context initiator
 | ||
|    and target are provided with corresponding indicators
 | ||
|    (replay_det_state and sequence_state), signifying whether these
 | ||
|    features are active on a given context.
 | ||
| 
 | ||
|    An example mech_type supporting per-message replay detection could
 | ||
|    (when replay_det_state is TRUE) implement the feature as follows: The
 | ||
|    underlying mechanism would insert timestamps in data elements output
 | ||
|    by GSS_GetMIC() and GSS_Wrap(), and would maintain (within a time-
 | ||
|    limited window) a cache (qualified by originator-recipient pair)
 | ||
|    identifying received data elements processed by GSS_VerifyMIC() and
 | ||
|    GSS_Unwrap(). When this feature is active, exception status returns
 | ||
|    (GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN) will be provided when
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 23]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    GSS_VerifyMIC() or GSS_Unwrap() is presented with a message which is
 | ||
|    either a detected duplicate of a prior message or which is too old to
 | ||
|    validate against a cache of recently received messages.
 | ||
| 
 | ||
| 1.2.4:  Quality of Protection
 | ||
| 
 | ||
|    Some mech_types provide their users with fine granularity control
 | ||
|    over the means used to provide per-message protection, allowing
 | ||
|    callers to trade off security processing overhead dynamically against
 | ||
|    the protection requirements of particular messages. A per-message
 | ||
|    quality-of-protection parameter (analogous to quality-of-service, or
 | ||
|    QOS) selects among different QOP options supported by that mechanism.
 | ||
|    On context establishment for a multi-QOP mech_type, context-level
 | ||
|    data provides the prerequisite data for a range of protection
 | ||
|    qualities.
 | ||
| 
 | ||
|    It is expected that the majority of callers will not wish to exert
 | ||
|    explicit mechanism-specific QOP control and will therefore request
 | ||
|    selection of a default QOP. Definitions of, and choices among, non-
 | ||
|    default QOP values are mechanism-specific, and no ordered sequences
 | ||
|    of QOP values can be assumed equivalent across different mechanisms.
 | ||
|    Meaningful use of non-default QOP values demands that callers be
 | ||
|    familiar with the QOP definitions of an underlying mechanism or
 | ||
|    mechanisms, and is therefore a non-portable construct.  The
 | ||
|    GSS_S_BAD_QOP major_status value is defined in order to indicate that
 | ||
|    a provided QOP value is unsupported for a security context, most
 | ||
|    likely because that value is unrecognized by the underlying
 | ||
|    mechanism.
 | ||
| 
 | ||
|    In the interests of interoperability, mechanisms which allow optional
 | ||
|    support of particular QOP values shall satisfy one of the following
 | ||
|    conditions.  Either:
 | ||
| 
 | ||
|       (i) All implementations of the mechanism are required to be
 | ||
|       capable of processing messages protected using any QOP value,
 | ||
|       regardless of whether they can apply protection corresponding to
 | ||
|       that QOP, or
 | ||
| 
 | ||
|       (ii) The set of mutually-supported receiver QOP values must be
 | ||
|       determined during context establishment, and messages may be
 | ||
|       protected by either peer using only QOP values from this
 | ||
|       mutually-supported set.
 | ||
| 
 | ||
|    NOTE: (i) is just a special-case of (ii), where implementations are
 | ||
|    required to support all QOP values on receipt.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 24]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 1.2.5: Anonymity Support
 | ||
| 
 | ||
|    In certain situations or environments, an application may wish to
 | ||
|    authenticate a peer and/or protect communications using GSS-API per-
 | ||
|    message services without revealing its own identity.  For example,
 | ||
|    consider an application which provides read access to a research
 | ||
|    database, and which permits queries by arbitrary requestors.  A
 | ||
|    client of such a service might wish to authenticate the service, to
 | ||
|    establish trust in the information received from it, but might not
 | ||
|    wish to disclose its identity to the service for privacy reasons.
 | ||
| 
 | ||
|    In ordinary GSS-API usage, a context initiator's identity is made
 | ||
|    available to the context acceptor as part of the context
 | ||
|    establishment process.  To provide for anonymity support, a facility
 | ||
|    (input anon_req_flag to GSS_Init_sec_context()) is provided through
 | ||
|    which context initiators may request that their identity not be
 | ||
|    provided to the context acceptor.  Mechanisms are not required to
 | ||
|    honor this request, but a caller will be informed (via returned
 | ||
|    anon_state indicator from GSS_Init_sec_context()) whether or not the
 | ||
|    request is honored. Note that authentication as the anonymous
 | ||
|    principal does not necessarily imply that credentials are not
 | ||
|    required in order to establish a context.
 | ||
| 
 | ||
|    Section 4.5 of this document defines the Object Identifier value used
 | ||
|    to identify an anonymous principal.
 | ||
| 
 | ||
|    Four possible combinations of anon_state and mutual_state are
 | ||
|    possible, with the following results:
 | ||
| 
 | ||
|       anon_state == FALSE, mutual_state == FALSE: initiator
 | ||
|       authenticated to target.
 | ||
| 
 | ||
|       anon_state == FALSE, mutual_state == TRUE: initiator authenticated
 | ||
|       to target, target authenticated to initiator.
 | ||
| 
 | ||
|       anon_state == TRUE, mutual_state == FALSE: initiator authenticated
 | ||
|       as anonymous principal to target.
 | ||
| 
 | ||
|       anon_state == TRUE, mutual_state == TRUE: initiator authenticated
 | ||
|       as anonymous principal to target, target authenticated to
 | ||
|       initiator.
 | ||
| 
 | ||
| 1.2.6: Initialization
 | ||
| 
 | ||
|    No initialization calls (i.e., calls which must be invoked prior to
 | ||
|    invocation of other facilities in the interface) are defined in GSS-
 | ||
|    API.  As an implication of this fact, GSS-API implementations must
 | ||
|    themselves be self-initializing.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 25]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 1.2.7: Per-Message Protection During Context Establishment
 | ||
| 
 | ||
|    A facility is defined in GSS-V2 to enable protection and buffering of
 | ||
|    data messages for later transfer while a security context's
 | ||
|    establishment is in GSS_S_CONTINUE_NEEDED status, to be used in cases
 | ||
|    where the caller side already possesses the necessary session key to
 | ||
|    enable this processing. Specifically, a new state Boolean, called
 | ||
|    prot_ready_state, is added to the set of information returned by
 | ||
|    GSS_Init_sec_context(), GSS_Accept_sec_context(), and
 | ||
|    GSS_Inquire_context().
 | ||
| 
 | ||
|    For context establishment calls, this state Boolean is valid and
 | ||
|    interpretable when the associated major_status is either
 | ||
|    GSS_S_CONTINUE_NEEDED, or GSS_S_COMPLETE.  Callers of GSS-API (both
 | ||
|    initiators and acceptors) can assume that per-message protection (via
 | ||
|    GSS_Wrap(), GSS_Unwrap(), GSS_GetMIC() and GSS_VerifyMIC()) is
 | ||
|    available and ready for use if either: prot_ready_state == TRUE, or
 | ||
|    major_status == GSS_S_COMPLETE, though mutual authentication (if
 | ||
|    requested) cannot be guaranteed until GSS_S_COMPLETE is returned.
 | ||
|    Callers making use of per-message protection services in advance of
 | ||
|    GSS_S_COMPLETE status should be aware of the possibility that a
 | ||
|    subsequent context establishment step may fail, and that certain
 | ||
|    context data (e.g., mech_type) as returned for subsequent calls may
 | ||
|    change.
 | ||
| 
 | ||
|    This approach achieves full, transparent backward compatibility for
 | ||
|    GSS-API V1 callers, who need not even know of the existence of
 | ||
|    prot_ready_state, and who will get the expected behavior from
 | ||
|    GSS_S_COMPLETE, but who will not be able to use per-message
 | ||
|    protection before GSS_S_COMPLETE is returned.
 | ||
| 
 | ||
|    It is not a requirement that GSS-V2 mechanisms ever return TRUE
 | ||
|    prot_ready_state before completion of context establishment (indeed,
 | ||
|    some mechanisms will not evolve usable message protection keys,
 | ||
|    especially at the context acceptor, before context establishment is
 | ||
|    complete).  It is expected but not required that GSS-V2 mechanisms
 | ||
|    will return TRUE prot_ready_state upon completion of context
 | ||
|    establishment if they support per-message protection at all (however
 | ||
|    GSS-V2 applications should not assume that TRUE prot_ready_state will
 | ||
|    always be returned together with the GSS_S_COMPLETE major_status,
 | ||
|    since GSS-V2 implementations may continue to support GSS-V1 mechanism
 | ||
|    code, which will never return TRUE prot_ready_state).
 | ||
| 
 | ||
|    When prot_ready_state is returned TRUE, mechanisms shall also set
 | ||
|    those context service indicator flags (deleg_state, mutual_state,
 | ||
|    replay_det_state, sequence_state, anon_state, trans_state,
 | ||
|    conf_avail, integ_avail) which represent facilities confirmed, at
 | ||
|    that time, to be available on the context being established.  In
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 26]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    situations where prot_ready_state is returned before GSS_S_COMPLETE,
 | ||
|    it is possible that additional facilities may be confirmed and
 | ||
|    subsequently indicated when GSS_S_COMPLETE is returned.
 | ||
| 
 | ||
| 1.2.8: Implementation Robustness
 | ||
| 
 | ||
|    This section recommends aspects of GSS-API implementation behavior in
 | ||
|    the interests of overall robustness.
 | ||
| 
 | ||
|    Invocation of GSS-API calls is to incur no undocumented side effects
 | ||
|    visible at the GSS-API level.
 | ||
| 
 | ||
|    If a token is presented for processing on a GSS-API security context
 | ||
|    and that token generates a fatal error in processing or is otherwise
 | ||
|    determined to be invalid for that context, the context's state should
 | ||
|    not be disrupted for purposes of processing subsequent valid tokens.
 | ||
| 
 | ||
|    Certain local conditions at a GSS-API implementation (e.g.,
 | ||
|    unavailability of memory) may preclude, temporarily or permanently,
 | ||
|    the successful processing of tokens on a GSS-API security context,
 | ||
|    typically generating GSS_S_FAILURE major_status returns along with
 | ||
|    locally-significant minor_status.  For robust operation under such
 | ||
|    conditions, the following recommendations are made:
 | ||
| 
 | ||
|       Failing calls should free any memory they allocate, so that
 | ||
|       callers may retry without causing further loss of resources.
 | ||
| 
 | ||
|       Failure of an individual call on an established context should not
 | ||
|       preclude subsequent calls from succeeding on the same context.
 | ||
| 
 | ||
|       Whenever possible, it should be possible for
 | ||
|       GSS_Delete_sec_context() calls to be successfully processed even
 | ||
|       if other calls cannot succeed, thereby enabling context-related
 | ||
|       resources to be released.
 | ||
| 
 | ||
|    A failure of GSS_GetMIC() or GSS_Wrap() due to an attempt to use an
 | ||
|    unsupported QOP will not interfere with context validity, nor shall
 | ||
|    such a failure impact the ability of the application to subsequently
 | ||
|    invoke GSS_GetMIC() or GSS_Wrap() using a supported QOP. Any state
 | ||
|    information concerning sequencing of outgoing messages shall be
 | ||
|    unchanged by an unsuccessful call of GSS_GetMIC() or GSS_Wrap().
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 27]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 1.2.9: Delegation
 | ||
| 
 | ||
|    The GSS-API allows delegation to be controlled by the initiating
 | ||
|    application via a Boolean parameter to GSS_Init_sec_context(), the
 | ||
|    routine that establishes a security context.  Some mechanisms do not
 | ||
|    support delegation, and for such mechanisms attempts by an
 | ||
|    application to enable delegation are ignored.
 | ||
| 
 | ||
|    The acceptor of a security context for which the initiator enabled
 | ||
|    delegation will receive (via the delegated_cred_handle parameter of
 | ||
|    GSS_Accept_sec_context()) a credential handle that contains the
 | ||
|    delegated identity, and this credential handle may be used to
 | ||
|    initiate subsequent GSS-API security contexts as an agent or delegate
 | ||
|    of the initiator.  If the original initiator's identity is "A" and
 | ||
|    the delegate's identity is "B", then, depending on the underlying
 | ||
|    mechanism, the identity embodied by the delegated credential may be
 | ||
|    either "A" or "B acting for A".
 | ||
| 
 | ||
|    For many mechanisms that support delegation, a simple Boolean does
 | ||
|    not provide enough control.  Examples of additional aspects of
 | ||
|    delegation control that a mechanism might provide to an application
 | ||
|    are duration of delegation, network addresses from which delegation
 | ||
|    is valid, and constraints on the tasks that may be performed by a
 | ||
|    delegate.  Such controls are presently outside the scope of the GSS-
 | ||
|    API.  GSS-API implementations supporting mechanisms offering
 | ||
|    additional controls should provide extension routines that allow
 | ||
|    these controls to be exercised (perhaps by modifying the initiator's
 | ||
|    GSS-API credential prior to its use in establishing a context).
 | ||
|    However, the simple delegation control provided by GSS-API should
 | ||
|    always be able to over-ride other mechanism-specific delegation
 | ||
|    controls; if the application instructs GSS_Init_sec_context() that
 | ||
|    delegation is not desired, then the implementation must not permit
 | ||
|    delegation to occur.  This is an exception to the general rule that a
 | ||
|    mechanism may enable services even if they are not requested;
 | ||
|    delegation may only be provided at the explicit request of the
 | ||
|    application.
 | ||
| 
 | ||
| 1.2.10: Interprocess Context Transfer
 | ||
| 
 | ||
|    GSS-API V2 provides routines (GSS_Export_sec_context() and
 | ||
|    GSS_Import_sec_context()) which allow a security context to be
 | ||
|    transferred between processes on a single machine.  The most common
 | ||
|    use for such a feature is a client-server design where the server is
 | ||
|    implemented as a single process that accepts incoming security
 | ||
|    contexts, which then launches child processes to deal with the data
 | ||
|    on these contexts.  In such a design, the child processes must have
 | ||
|    access to the security context data structure created within the
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 28]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    parent by its call to GSS_Accept_sec_context() so that they can use
 | ||
|    per-message protection services and delete the security context when
 | ||
|    the communication session ends.
 | ||
| 
 | ||
|    Since the security context data structure is expected to contain
 | ||
|    sequencing information, it is impractical in general to share a
 | ||
|    context between processes.  Thus GSS-API provides a call
 | ||
|    (GSS_Export_sec_context()) that the process which currently owns the
 | ||
|    context can call to declare that it has no intention to use the
 | ||
|    context subsequently, and to create an inter-process token containing
 | ||
|    information needed by the adopting process to successfully import the
 | ||
|    context.  After successful completion of this call, the original
 | ||
|    security context is made inaccessible to the calling process by GSS-
 | ||
|    API, and any context handles referring to this context are no longer
 | ||
|    valid.  The originating process transfers the inter-process token to
 | ||
|    the adopting process, which passes it to GSS_Import_sec_context(),
 | ||
|    and a fresh context handle is created such that it is functionally
 | ||
|    identical to the original context.
 | ||
| 
 | ||
|    The inter-process token may contain sensitive data from the original
 | ||
|    security context (including cryptographic keys).  Applications using
 | ||
|    inter-process tokens to transfer security contexts must take
 | ||
|    appropriate steps to protect these tokens in transit.
 | ||
|    Implementations are not required to support the inter-process
 | ||
|    transfer of security contexts.  The ability to transfer a security
 | ||
|    context is indicated when the context is created, by
 | ||
|    GSS_Init_sec_context() or GSS_Accept_sec_context() indicating a TRUE
 | ||
|    trans_state return value.
 | ||
| 
 | ||
| 2:  Interface Descriptions
 | ||
| 
 | ||
|    This section describes the GSS-API's service interface, dividing the
 | ||
|    set of calls offered into four groups. Credential management calls
 | ||
|    are related to the acquisition and release of credentials by
 | ||
|    principals. Context-level calls are related to the management of
 | ||
|    security contexts between principals. Per-message calls are related
 | ||
|    to the protection of individual messages on established security
 | ||
|    contexts. Support calls provide ancillary functions useful to GSS-API
 | ||
|    callers. Table 2 groups and summarizes the calls in tabular fashion.
 | ||
| 
 | ||
|    Table 2:  GSS-API Calls
 | ||
| 
 | ||
|    CREDENTIAL MANAGEMENT
 | ||
| 
 | ||
|    GSS_Acquire_cred             acquire credentials for use
 | ||
|    GSS_Release_cred             release credentials after use
 | ||
|    GSS_Inquire_cred             display information about
 | ||
|                                 credentials
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 29]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    GSS_Add_cred                 construct credentials incrementally
 | ||
|    GSS_Inquire_cred_by_mech     display per-mechanism credential
 | ||
|                                   information
 | ||
| 
 | ||
|    CONTEXT-LEVEL CALLS
 | ||
| 
 | ||
|    GSS_Init_sec_context         initiate outbound security context
 | ||
|    GSS_Accept_sec_context       accept inbound security context
 | ||
|    GSS_Delete_sec_context       flush context when no longer needed
 | ||
|    GSS_Process_context_token    process received control token on
 | ||
|                                   context
 | ||
|    GSS_Context_time             indicate validity time remaining on
 | ||
|                                      context
 | ||
|    GSS_Inquire_context          display information about context
 | ||
|    GSS_Wrap_size_limit          determine GSS_Wrap token size limit
 | ||
|    GSS_Export_sec_context       transfer context to other process
 | ||
|    GSS_Import_sec_context       import transferred context
 | ||
| 
 | ||
|    PER-MESSAGE CALLS
 | ||
| 
 | ||
|    GSS_GetMIC                   apply integrity check, receive as
 | ||
|                                   token separate from message
 | ||
|    GSS_VerifyMIC                validate integrity check token
 | ||
|                                   along with message
 | ||
|    GSS_Wrap                     sign, optionally encrypt,
 | ||
|                                   encapsulate
 | ||
|    GSS_Unwrap                   decapsulate, decrypt if needed,
 | ||
|                                   validate integrity check
 | ||
| 
 | ||
|    SUPPORT CALLS
 | ||
| 
 | ||
|    GSS_Display_status           translate status codes to printable
 | ||
|                                   form
 | ||
|    GSS_Indicate_mechs           indicate mech_types supported on
 | ||
|                                   local system
 | ||
|    GSS_Compare_name             compare two names for equality
 | ||
|    GSS_Display_name             translate name to printable form
 | ||
|    GSS_Import_name              convert printable name to
 | ||
|                                   normalized form
 | ||
|    GSS_Release_name             free storage of normalized-form
 | ||
|                                   name
 | ||
|    GSS_Release_buffer           free storage of general GSS-allocated
 | ||
|                                   object
 | ||
|    GSS_Release_OID_set          free storage of OID set object
 | ||
|    GSS_Create_empty_OID_set     create empty OID set
 | ||
|    GSS_Add_OID_set_member       add member to OID set
 | ||
|    GSS_Test_OID_set_member      test if OID is member of OID set
 | ||
|    GSS_Inquire_names_for_mech   indicate name types supported by
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 30]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|                                   mechanism
 | ||
|    GSS_Inquire_mechs_for_name   indicates mechanisms supporting name
 | ||
|                                   type
 | ||
|    GSS_Canonicalize_name        translate name to per-mechanism form
 | ||
|    GSS_Export_name              externalize per-mechanism name
 | ||
|    GSS_Duplicate_name           duplicate name object
 | ||
| 
 | ||
| 2.1:  Credential management calls
 | ||
| 
 | ||
|    These GSS-API calls provide functions related to the management of
 | ||
|    credentials. Their characterization with regard to whether or not
 | ||
|    they may block pending exchanges with other network entities (e.g.,
 | ||
|    directories or authentication servers) depends in part on OS-specific
 | ||
|    (extra-GSS-API) issues, so is not specified in this document.
 | ||
| 
 | ||
|    The GSS_Acquire_cred() call is defined within the GSS-API in support
 | ||
|    of application portability, with a particular orientation towards
 | ||
|    support of portable server applications. It is recognized that (for
 | ||
|    certain systems and mechanisms) credentials for interactive users may
 | ||
|    be managed differently from credentials for server processes; in such
 | ||
|    environments, it is the GSS-API implementation's responsibility to
 | ||
|    distinguish these cases and the procedures for making this
 | ||
|    distinction are a local matter. The GSS_Release_cred() call provides
 | ||
|    a means for callers to indicate to the GSS-API that use of a
 | ||
|    credentials structure is no longer required. The GSS_Inquire_cred()
 | ||
|    call allows callers to determine information about a credentials
 | ||
|    structure.  The GSS_Add_cred() call enables callers to append
 | ||
|    elements to an existing credential structure, allowing iterative
 | ||
|    construction of a multi-mechanism credential. The
 | ||
|    GSS_Inquire_cred_by_mech() call enables callers to extract per-
 | ||
|    mechanism information describing a credentials structure.
 | ||
| 
 | ||
| 2.1.1:  GSS_Acquire_cred call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  desired_name INTERNAL NAME, -- NULL requests locally-determined
 | ||
|    -- default
 | ||
| 
 | ||
|    o  lifetime_req INTEGER, -- in seconds; 0 requests default
 | ||
| 
 | ||
|    o  desired_mechs SET OF OBJECT IDENTIFIER, -- NULL requests
 | ||
|    -- system-selected default
 | ||
| 
 | ||
|    o  cred_usage INTEGER -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY,
 | ||
|    -- 2=ACCEPT-ONLY
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 31]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  output_cred_handle CREDENTIAL HANDLE, -- if returned non-NULL,
 | ||
|    -- caller must release with GSS_Release_cred()
 | ||
| 
 | ||
|    o  actual_mechs SET OF OBJECT IDENTIFIER, -- if returned non-NULL,
 | ||
|    -- caller must release with GSS_Release_oid_set()
 | ||
| 
 | ||
|    o  lifetime_rec INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that requested credentials were
 | ||
|    successfully established, for the duration indicated in lifetime_rec,
 | ||
|    suitable for the usage requested in cred_usage, for the set of
 | ||
|    mech_types indicated in actual_mechs, and that those credentials can
 | ||
|    be referenced for subsequent use with the handle returned in
 | ||
|    output_cred_handle.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates that a mech_type unsupported by the GSS-
 | ||
|    API implementation type was requested, causing the credential
 | ||
|    establishment operation to fail.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the provided desired_name is
 | ||
|    uninterpretable or of a type unsupported by the applicable underlying
 | ||
|    GSS-API mechanism(s), so no credentials could be established for the
 | ||
|    accompanying desired_name.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the provided desired_name is
 | ||
|    inconsistent in terms of internally-incorporated type specifier
 | ||
|    information, so no credentials could be established for the
 | ||
|    accompanying desired_name.
 | ||
| 
 | ||
|    o  GSS_S_CREDENTIALS_EXPIRED indicates that underlying credential
 | ||
|    elements corresponding to the requested desired_name have expired, so
 | ||
|    requested credentials could not be established.
 | ||
| 
 | ||
|    o GSS_S_NO_CRED indicates that no credential elements corresponding
 | ||
|    to the requested desired_name and usage could be accessed, so
 | ||
|    requested credentials could not be established.  In particular, this
 | ||
|    status should be returned upon temporary user-fixable conditions
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 32]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    preventing successful credential establishment and upon lack of
 | ||
|    authorization to establish and use credentials associated with the
 | ||
|    identity named in the input desired_name argument.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that credential establishment failed for
 | ||
|    reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    GSS_Acquire_cred() is used to acquire credentials so that a principal
 | ||
|    can (as a function of the input cred_usage parameter) initiate and/or
 | ||
|    accept security contexts under the identity represented by the
 | ||
|    desired_name input argument. On successful completion, the returned
 | ||
|    output_cred_handle result provides a handle for subsequent references
 | ||
|    to the acquired credentials.  Typically, single-user client processes
 | ||
|    requesting that default credential behavior be applied for context
 | ||
|    establishment purposes will have no need to invoke this call.
 | ||
| 
 | ||
|    A caller may provide the value NULL (GSS_C_NO_NAME) for desired_name,
 | ||
|    which will be interpreted as a request for a credential handle that
 | ||
|    will invoke default behavior when passed to GSS_Init_sec_context(),
 | ||
|    if cred_usage is GSS_C_INITIATE or GSS_C_BOTH, or
 | ||
|    GSS_Accept_sec_context(), if cred_usage is GSS_C_ACCEPT or
 | ||
|    GSS_C_BOTH.  It is possible that multiple pre-established credentials
 | ||
|    may exist for the same principal identity (for example, as a result
 | ||
|    of multiple user login sessions) when GSS_Acquire_cred() is called;
 | ||
|    the means used in such cases to select a specific credential are
 | ||
|    local matters.  The input lifetime_req argument to GSS_Acquire_cred()
 | ||
|    may provide useful information for local GSS-API implementations to
 | ||
|    employ in making this disambiguation in a manner which will best
 | ||
|    satisfy a caller's intent.
 | ||
| 
 | ||
|    This routine is expected to be used primarily by context acceptors,
 | ||
|    since implementations are likely to provide mechanism-specific ways
 | ||
|    of obtaining GSS-API initiator credentials from the system login
 | ||
|    process.  Some implementations may therefore not support the
 | ||
|    acquisition of GSS_C_INITIATE or GSS_C_BOTH credentials via
 | ||
|    GSS_Acquire_cred() for any name other than GSS_C_NO_NAME, or a name
 | ||
|    resulting from applying GSS_Inquire_context() to an active context,
 | ||
|    or a name resulting from applying GSS_Inquire_cred() against a
 | ||
|    credential handle corresponding to default behavior. It is important
 | ||
|    to recognize that the explicit name which is yielded by resolving a
 | ||
|    default reference may change over time, e.g., as a result of local
 | ||
|    credential element management operations outside GSS-API; once
 | ||
|    resolved, however, the value of such an explicit name will remain
 | ||
|    constant.
 | ||
| 
 | ||
|    The lifetime_rec result indicates the length of time for which the
 | ||
|    acquired credentials will be valid, as an offset from the present. A
 | ||
|    mechanism may return a reserved value indicating INDEFINITE if no
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 33]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    constraints on credential lifetime are imposed.  A caller of
 | ||
|    GSS_Acquire_cred() can request a length of time for which acquired
 | ||
|    credentials are to be valid (lifetime_req argument), beginning at the
 | ||
|    present, or can request credentials with a default validity interval.
 | ||
|    (Requests for postdated credentials are not supported within the
 | ||
|    GSS-API.) Certain mechanisms and implementations may bind in
 | ||
|    credential validity period specifiers at a point preliminary to
 | ||
|    invocation of the GSS_Acquire_cred() call (e.g., in conjunction with
 | ||
|    user login procedures). As a result, callers requesting non-default
 | ||
|    values for lifetime_req must recognize that such requests cannot
 | ||
|    always be honored and must be prepared to accommodate the use of
 | ||
|    returned credentials with different lifetimes as indicated in
 | ||
|    lifetime_rec.
 | ||
| 
 | ||
|    The caller of GSS_Acquire_cred() can explicitly specify a set of
 | ||
|    mech_types which are to be accommodated in the returned credentials
 | ||
|    (desired_mechs argument), or can request credentials for a system-
 | ||
|    defined default set of mech_types. Selection of the system-specified
 | ||
|    default set is recommended in the interests of application
 | ||
|    portability. The actual_mechs return value may be interrogated by the
 | ||
|    caller to determine the set of mechanisms with which the returned
 | ||
|    credentials may be used.
 | ||
| 
 | ||
| 2.1.2:  GSS_Release_cred call
 | ||
| 
 | ||
|    Input:
 | ||
| 
 | ||
|    o  cred_handle CREDENTIAL HANDLE -- if GSS_C_NO_CREDENTIAL
 | ||
|    -- is specified, the call will complete successfully, but
 | ||
|    -- will have no effect; no credential elements will be
 | ||
|    -- released.
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the credentials referenced by the
 | ||
|    input cred_handle were released for purposes of subsequent access by
 | ||
|    the caller. The effect on other processes which may be authorized
 | ||
|    shared access to such credentials is a local matter.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 34]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_NO_CRED indicates that no release operation was performed,
 | ||
|    either because the input cred_handle was invalid or because the
 | ||
|    caller lacks authorization to access the referenced credentials.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the release operation failed for
 | ||
|    reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Provides a means for a caller to explicitly request that credentials
 | ||
|    be released when their use is no longer required. Note that system-
 | ||
|    specific credential management functions are also likely to exist,
 | ||
|    for example to assure that credentials shared among processes are
 | ||
|    properly deleted when all affected processes terminate, even if no
 | ||
|    explicit release requests are issued by those processes. Given the
 | ||
|    fact that multiple callers are not precluded from gaining authorized
 | ||
|    access to the same credentials, invocation of GSS_Release_cred()
 | ||
|    cannot be assumed to delete a particular set of credentials on a
 | ||
|    system-wide basis.
 | ||
| 
 | ||
| 2.1.3:  GSS_Inquire_cred call
 | ||
| 
 | ||
|    Input:
 | ||
| 
 | ||
|    o  cred_handle CREDENTIAL HANDLE -- if GSS_C_NO_CREDENTIAL
 | ||
|    -- is specified, default initiator credentials are queried
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  cred_name INTERNAL NAME,  -- caller must release with
 | ||
|    -- GSS_Release_name()
 | ||
| 
 | ||
|    o  lifetime_rec INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    o  cred_usage INTEGER, -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY,
 | ||
|    -- 2=ACCEPT-ONLY
 | ||
| 
 | ||
|    o  mech_set SET OF OBJECT IDENTIFIER  -- caller must release
 | ||
|    -- with GSS_Release_oid_set()
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 35]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the credentials referenced by the
 | ||
|    input cred_handle argument were valid, and that the output cred_name,
 | ||
|    lifetime_rec, and cred_usage values represent, respectively, the
 | ||
|    credentials' associated principal name, remaining lifetime, suitable
 | ||
|    usage modes, and supported mechanism types.
 | ||
| 
 | ||
|    o  GSS_S_NO_CRED indicates that no information could be returned
 | ||
|    about the referenced credentials, either because the input
 | ||
|    cred_handle was invalid or because the caller lacks authorization to
 | ||
|    access the referenced credentials.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_CREDENTIAL indicates that the referenced
 | ||
|    credentials are invalid.
 | ||
| 
 | ||
|    o  GSS_S_CREDENTIALS_EXPIRED indicates that the referenced
 | ||
|    credentials have expired.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the operation failed for reasons
 | ||
|    unspecified at the GSS-API level.
 | ||
| 
 | ||
|    The GSS_Inquire_cred() call is defined primarily for the use of those
 | ||
|    callers which request use of default credential behavior rather than
 | ||
|    acquiring credentials explicitly with GSS_Acquire_cred().  It enables
 | ||
|    callers to determine a credential structure's associated principal
 | ||
|    name, remaining validity period, usability for security context
 | ||
|    initiation and/or acceptance, and supported mechanisms.
 | ||
| 
 | ||
|    For a multi-mechanism credential, the returned "lifetime" specifier
 | ||
|    indicates the shortest lifetime of any of the mechanisms' elements in
 | ||
|    the credential (for either context initiation or acceptance
 | ||
|    purposes).
 | ||
| 
 | ||
|    GSS_Inquire_cred() should indicate INITIATE-AND-ACCEPT for
 | ||
|    "cred_usage" if both of the following conditions hold:
 | ||
| 
 | ||
|       (1) there exists in the credential an element which allows context
 | ||
|       initiation using some mechanism
 | ||
| 
 | ||
|       (2) there exists in the credential an element which allows context
 | ||
|       acceptance using some mechanism (allowably, but not necessarily,
 | ||
|       one of the same mechanism(s) qualifying for (1)).
 | ||
| 
 | ||
|    If condition (1) holds but not condition (2), GSS_Inquire_cred()
 | ||
|    should indicate INITIATE-ONLY for "cred_usage".  If condition (2)
 | ||
|    holds but not condition (1), GSS_Inquire_cred() should indicate
 | ||
|    ACCEPT-ONLY for "cred_usage".
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 36]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Callers requiring finer disambiguation among available combinations
 | ||
|    of lifetimes, usage modes, and mechanisms should call the
 | ||
|    GSS_Inquire_cred_by_mech() routine, passing that routine one of the
 | ||
|    mech OIDs returned by GSS_Inquire_cred().
 | ||
| 
 | ||
| 2.1.4:  GSS_Add_cred call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  input_cred_handle CREDENTIAL HANDLE -- handle to credential
 | ||
|    -- structure created with prior GSS_Acquire_cred() or
 | ||
|    -- GSS_Add_cred() call; see text for definition of behavior
 | ||
|    -- when GSS_C_NO_CREDENTIAL provided.
 | ||
| 
 | ||
|    o  desired_name INTERNAL NAME
 | ||
| 
 | ||
|    o  initiator_time_req INTEGER -- in seconds; 0 requests default
 | ||
| 
 | ||
|    o  acceptor_time_req INTEGER -- in seconds; 0 requests default
 | ||
| 
 | ||
|    o  desired_mech OBJECT IDENTIFIER
 | ||
| 
 | ||
|    o  cred_usage INTEGER -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY,
 | ||
|    -- 2=ACCEPT-ONLY
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  output_cred_handle CREDENTIAL HANDLE, -- NULL to request that
 | ||
|    -- credential elements be added "in place" to the credential
 | ||
|    -- structure identified by input_cred_handle,
 | ||
|    -- non-NULL pointer to request that
 | ||
|    -- a new credential structure and handle be created.
 | ||
|    -- if credential handle returned, caller must release with
 | ||
|    -- GSS_Release_cred()
 | ||
| 
 | ||
|    o  actual_mechs SET OF OBJECT IDENTIFIER, -- if returned, caller must
 | ||
|    -- release with GSS_Release_oid_set()
 | ||
| 
 | ||
|    o  initiator_time_rec INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    o  acceptor_time_rec INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 37]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  cred_usage INTEGER, -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY,
 | ||
|    -- 2=ACCEPT-ONLY
 | ||
| 
 | ||
|    o  mech_set SET OF OBJECT IDENTIFIER -- full set of mechanisms
 | ||
|    -- supported by resulting credential.
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the credentials referenced by the
 | ||
|    input_cred_handle argument were valid, and that the resulting
 | ||
|    credential from GSS_Add_cred() is valid for the durations indicated
 | ||
|    in initiator_time_rec and acceptor_time_rec, suitable for the usage
 | ||
|    requested in cred_usage, and for the mechanisms indicated in
 | ||
|    actual_mechs.
 | ||
| 
 | ||
|    o  GSS_S_DUPLICATE_ELEMENT indicates that the input desired_mech
 | ||
|    specified a mechanism for which the referenced credential already
 | ||
|    contained a credential element with overlapping cred_usage and
 | ||
|    validity time specifiers.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates that the input desired_mech specified a
 | ||
|    mechanism unsupported by the GSS-API implementation, causing the
 | ||
|    GSS_Add_cred() operation to fail.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the provided desired_name is
 | ||
|    uninterpretable or of a type unsupported by the applicable underlying
 | ||
|    GSS-API mechanism(s), so the GSS_Add_cred() operation could not be
 | ||
|    performed for that name.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the provided desired_name is
 | ||
|    inconsistent in terms of internally-incorporated type specifier
 | ||
|    information, so the GSS_Add_cred() operation could not be performed
 | ||
|    for that name.
 | ||
| 
 | ||
|    o  GSS_S_NO_CRED indicates that the input_cred_handle referenced
 | ||
|    invalid or inaccessible credentials. In particular, this status
 | ||
|    should be returned upon temporary user-fixable conditions preventing
 | ||
|    successful credential establishment or upon lack of authorization to
 | ||
|    establish or use credentials representing the requested identity.
 | ||
| 
 | ||
|    o  GSS_S_CREDENTIALS_EXPIRED indicates that referenced credential
 | ||
|    elements have expired, so the GSS_Add_cred() operation could not be
 | ||
|    performed.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the operation failed for reasons
 | ||
|    unspecified at the GSS-API level.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 38]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    GSS_Add_cred() enables callers to construct credentials iteratively
 | ||
|    by adding credential elements in successive operations, corresponding
 | ||
|    to different mechanisms.  This offers particular value in multi-
 | ||
|    mechanism environments, as the major_status and minor_status values
 | ||
|    returned on each iteration are individually visible and can therefore
 | ||
|    be interpreted unambiguously on a per-mechanism basis. A credential
 | ||
|    element is identified by the name of the principal to which it
 | ||
|    refers.  GSS-API implementations must impose a local access control
 | ||
|    policy on callers of this routine to prevent unauthorized callers
 | ||
|    from acquiring credential elements to which they are not entitled.
 | ||
|    This routine is not intended to provide a "login to the network"
 | ||
|    function, as such a function would involve the creation of new
 | ||
|    mechanism-specific authentication data, rather than merely acquiring
 | ||
|    a GSS-API handle to existing data.  Such functions, if required,
 | ||
|    should be defined in implementation-specific extension routines.
 | ||
| 
 | ||
|    If credential acquisition is time-consuming for a mechanism, the
 | ||
|    mechanism may choose to delay the actual acquisition until the
 | ||
|    credential is required (e.g. by GSS_Init_sec_context() or
 | ||
|    GSS_Accept_sec_context()).  Such mechanism-specific implementation
 | ||
|    decisions should be invisible to the calling application; thus a call
 | ||
|    of GSS_Inquire_cred() immediately following the call of
 | ||
|    GSS_Acquire_cred() must return valid credential data, and may
 | ||
|    therefore incur the overhead of a deferred credential acquisition.
 | ||
| 
 | ||
|    If GSS_C_NO_CREDENTIAL is specified as input_cred_handle, a non-NULL
 | ||
|    output_cred_handle must be supplied.  For the case of
 | ||
|    GSS_C_NO_CREDENTIAL as input_cred_handle, GSS_Add_cred() will create
 | ||
|    the credential referenced by its output_cred_handle based on default
 | ||
|    behavior.  That is, the call will have the same effect as if the
 | ||
|    caller had previously called GSS_Acquire_cred(), specifying the same
 | ||
|    usage and passing GSS_C_NO_NAME as the desired_name parameter
 | ||
|    (thereby obtaining an explicit credential handle corresponding to
 | ||
|    default behavior), had passed that credential handle to
 | ||
|    GSS_Add_cred(), and had finally called GSS_Release_cred() on the
 | ||
|    credential handle received from GSS_Acquire_cred().
 | ||
| 
 | ||
|    This routine is expected to be used primarily by context acceptors,
 | ||
|    since implementations are likely to provide mechanism-specific ways
 | ||
|    of obtaining GSS-API initiator credentials from the system login
 | ||
|    process.  Some implementations may therefore not support the
 | ||
|    acquisition of GSS_C_INITIATE or GSS_C_BOTH credentials via
 | ||
|    GSS_Acquire_cred() for any name other than GSS_C_NO_NAME, or a name
 | ||
|    resulting from applying GSS_Inquire_context() to an active context,
 | ||
|    or a name resulting from applying GSS_Inquire_cred() against a
 | ||
|    credential handle corresponding to default behavior. It is important
 | ||
|    to recognize that the explicit name which is yielded by resolving a
 | ||
|    default reference may change over time, e.g., as a result of local
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 39]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    credential element management operations outside GSS-API; once
 | ||
|    resolved, however, the value of such an explicit name will remain
 | ||
|    constant.
 | ||
| 
 | ||
|    A caller may provide the value NULL (GSS_C_NO_NAME) for desired_name,
 | ||
|    which will be interpreted as a request for a credential handle that
 | ||
|    will invoke default behavior when passed to GSS_Init_sec_context(),
 | ||
|    if cred_usage is GSS_C_INITIATE or GSS_C_BOTH, or
 | ||
|    GSS_Accept_sec_context(), if cred_usage is GSS_C_ACCEPT or
 | ||
|    GSS_C_BOTH.
 | ||
| 
 | ||
|    The same input desired_name, or default reference, should be used on
 | ||
|    all GSS_Acquire_cred() and GSS_Add_cred() calls corresponding to a
 | ||
|    particular credential.
 | ||
| 
 | ||
| 2.1.5:  GSS_Inquire_cred_by_mech call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  cred_handle CREDENTIAL HANDLE -- if GSS_C_NO_CREDENTIAL
 | ||
|    -- specified, default initiator credentials are queried
 | ||
| 
 | ||
|    o  mech_type OBJECT IDENTIFIER  -- specific mechanism for
 | ||
|    -- which credentials are being queried
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  cred_name INTERNAL NAME, -- guaranteed to be MN; caller must
 | ||
|    -- release with GSS_Release_name()
 | ||
| 
 | ||
|    o  lifetime_rec_initiate INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    o  lifetime_rec_accept INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    o  cred_usage INTEGER, -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY,
 | ||
|    -- 2=ACCEPT-ONLY
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the credentials referenced by the
 | ||
|    input cred_handle argument were valid, that the mechanism indicated
 | ||
|    by the input mech_type was represented with elements within those
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 40]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    credentials, and that the output cred_name, lifetime_rec_initiate,
 | ||
|    lifetime_rec_accept, and cred_usage values represent, respectively,
 | ||
|    the credentials' associated principal name, remaining lifetimes, and
 | ||
|    suitable usage modes.
 | ||
| 
 | ||
|    o  GSS_S_NO_CRED indicates that no information could be returned
 | ||
|    about the referenced credentials, either because the input
 | ||
|    cred_handle was invalid or because the caller lacks authorization to
 | ||
|    access the referenced credentials.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_CREDENTIAL indicates that the referenced
 | ||
|    credentials are invalid.
 | ||
| 
 | ||
|    o  GSS_S_CREDENTIALS_EXPIRED indicates that the referenced
 | ||
|    credentials have expired.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates that the referenced credentials do not
 | ||
|    contain elements for the requested mechanism.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the operation failed for reasons
 | ||
|    unspecified at the GSS-API level.
 | ||
| 
 | ||
|    The GSS_Inquire_cred_by_mech() call enables callers in multi-
 | ||
|    mechanism environments to acquire specific data about available
 | ||
|    combinations of lifetimes, usage modes, and mechanisms within a
 | ||
|    credential structure.  The lifetime_rec_initiate result indicates the
 | ||
|    available lifetime for context initiation purposes; the
 | ||
|    lifetime_rec_accept result indicates the available lifetime for
 | ||
|    context acceptance purposes.
 | ||
| 
 | ||
| 2.2:  Context-level calls
 | ||
| 
 | ||
|    This group of calls is devoted to the establishment and management of
 | ||
|    security contexts between peers. A context's initiator calls
 | ||
|    GSS_Init_sec_context(), resulting in generation of a token which the
 | ||
|    caller passes to the target. At the target, that token is passed to
 | ||
|    GSS_Accept_sec_context(). Depending on the underlying mech_type and
 | ||
|    specified options, additional token exchanges may be performed in the
 | ||
|    course of context establishment; such exchanges are accommodated by
 | ||
|    GSS_S_CONTINUE_NEEDED status returns from GSS_Init_sec_context() and
 | ||
|    GSS_Accept_sec_context().
 | ||
| 
 | ||
|    Either party to an established context may invoke
 | ||
|    GSS_Delete_sec_context() to flush context information when a context
 | ||
|    is no longer required. GSS_Process_context_token() is used to process
 | ||
|    received tokens carrying context-level control information.
 | ||
|    GSS_Context_time() allows a caller to determine the length of time
 | ||
|    for which an established context will remain valid.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 41]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    GSS_Inquire_context() returns status information describing context
 | ||
|    characteristics. GSS_Wrap_size_limit() allows a caller to determine
 | ||
|    the size of a token which will be generated by a GSS_Wrap()
 | ||
|    operation.  GSS_Export_sec_context() and GSS_Import_sec_context()
 | ||
|    enable transfer of active contexts between processes on an end
 | ||
|    system.
 | ||
| 
 | ||
| 2.2.1:  GSS_Init_sec_context call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  claimant_cred_handle CREDENTIAL HANDLE, -- NULL specifies "use
 | ||
|    -- default"
 | ||
| 
 | ||
|    o  input_context_handle CONTEXT HANDLE, -- 0
 | ||
|    -- (GSS_C_NO_CONTEXT) specifies "none assigned yet"
 | ||
| 
 | ||
|    o  targ_name INTERNAL NAME,
 | ||
| 
 | ||
|    o  mech_type OBJECT IDENTIFIER, -- NULL parameter specifies "use
 | ||
|    -- default"
 | ||
| 
 | ||
|    o  deleg_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  mutual_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  replay_det_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  sequence_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  anon_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  conf_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  integ_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  lifetime_req INTEGER, -- 0 specifies default lifetime
 | ||
| 
 | ||
|    o  chan_bindings OCTET STRING,
 | ||
| 
 | ||
|    o  input_token OCTET STRING -- NULL or token received from target
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 42]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  output_context_handle CONTEXT HANDLE,  -- once returned non-NULL,
 | ||
|    -- caller must release with GSS_Delete_sec_context()
 | ||
| 
 | ||
|    o  mech_type OBJECT IDENTIFIER, -- actual mechanism always
 | ||
|    -- indicated, never NULL; caller should treat as read-only
 | ||
|    -- and should not attempt to release
 | ||
| 
 | ||
|    o  output_token OCTET STRING, -- NULL or token to pass to context
 | ||
|    -- target; caller must release with GSS_Release_buffer()
 | ||
| 
 | ||
|    o  deleg_state BOOLEAN,
 | ||
| 
 | ||
|    o  mutual_state BOOLEAN,
 | ||
| 
 | ||
|    o  replay_det_state BOOLEAN,
 | ||
| 
 | ||
|    o  sequence_state BOOLEAN,
 | ||
| 
 | ||
|    o  anon_state BOOLEAN,
 | ||
| 
 | ||
|    o  trans_state BOOLEAN,
 | ||
| 
 | ||
|    o  prot_ready_state BOOLEAN, -- see Section 1.2.7
 | ||
| 
 | ||
|    o  conf_avail BOOLEAN,
 | ||
| 
 | ||
|    o  integ_avail BOOLEAN,
 | ||
| 
 | ||
|    o  lifetime_rec INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    This call may block pending network interactions for those mech_types
 | ||
|    in which an authentication server or other network entity must be
 | ||
|    consulted on behalf of a context initiator in order to generate an
 | ||
|    output_token suitable for presentation to a specified target.
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that context-level information was
 | ||
|    successfully initialized, and that the returned output_token will
 | ||
|    provide sufficient information for the target to perform per-message
 | ||
|    processing on the newly-established context.
 | ||
| 
 | ||
|    o  GSS_S_CONTINUE_NEEDED indicates that control information in the
 | ||
|    returned output_token must be sent to the target, and that a reply
 | ||
|    must be received and passed as the input_token argument
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 43]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    to a continuation call to GSS_Init_sec_context(), before per-message
 | ||
|    processing can be performed in conjunction with this context (unless
 | ||
|    the prot_ready_state value is concurrently returned TRUE).
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_TOKEN indicates that consistency checks performed
 | ||
|    on the input_token failed, preventing further processing from being
 | ||
|    performed based on that token.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_CREDENTIAL indicates that consistency checks
 | ||
|    performed on the credential structure referenced by
 | ||
|    claimant_cred_handle failed, preventing further processing from being
 | ||
|    performed using that credential structure.
 | ||
| 
 | ||
|    o  GSS_S_BAD_SIG (GSS_S_BAD_MIC) indicates that the received
 | ||
|    input_token contains an incorrect integrity check, so context setup
 | ||
|    cannot be accomplished.
 | ||
| 
 | ||
|    o  GSS_S_NO_CRED indicates that no context was established, either
 | ||
|    because the input cred_handle was invalid, because the referenced
 | ||
|    credentials are valid for context acceptor use only, because the
 | ||
|    caller lacks authorization to access the referenced credentials, or
 | ||
|    because the resolution of default credentials failed.
 | ||
| 
 | ||
|    o  GSS_S_CREDENTIALS_EXPIRED indicates that the credentials provided
 | ||
|    through the input claimant_cred_handle argument are no longer valid,
 | ||
|    so context establishment cannot be completed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_BINDINGS indicates that a mismatch between the caller-
 | ||
|    provided chan_bindings and those extracted from the input_token was
 | ||
|    detected, signifying a security-relevant event and preventing context
 | ||
|    establishment. (This result will be returned by
 | ||
|    GSS_Init_sec_context() only for contexts where mutual_state is TRUE.)
 | ||
| 
 | ||
|    o  GSS_S_OLD_TOKEN indicates that the input_token is too old to be
 | ||
|    checked for integrity. This is a fatal error during context
 | ||
|    establishment.
 | ||
| 
 | ||
|    o  GSS_S_DUPLICATE_TOKEN indicates that the input token has a correct
 | ||
|    integrity check, but is a duplicate of a token already processed.
 | ||
|    This is a fatal error during context establishment.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided; this major status will be
 | ||
|    returned only for successor calls following GSS_S_CONTINUE_ NEEDED
 | ||
|    status returns.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 44]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the provided targ_name is of a
 | ||
|    type uninterpretable or unsupported by the applicable underlying
 | ||
|    GSS-API mechanism(s), so context establishment cannot be completed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the provided targ_name is
 | ||
|    inconsistent in terms of internally-incorporated type specifier
 | ||
|    information, so context establishment cannot be accomplished.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates receipt of a context establishment token
 | ||
|    or of a caller request specifying a mechanism unsupported by the
 | ||
|    local system or with the caller's active credentials
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that context setup could not be
 | ||
|    accomplished for reasons unspecified at the GSS-API level, and that
 | ||
|    no interface-defined recovery action is available.
 | ||
| 
 | ||
|    This routine is used by a context initiator, and ordinarily emits an
 | ||
|    output_token suitable for use by the target within the selected
 | ||
|    mech_type's protocol.  For the case of a multi-step exchange, this
 | ||
|    output_token will be one in a series, each generated by a successive
 | ||
|    call. Using information in the credentials structure referenced by
 | ||
|    claimant_cred_handle, GSS_Init_sec_context() initializes the data
 | ||
|    structures required to establish a security context with target
 | ||
|    targ_name.
 | ||
| 
 | ||
|    The targ_name may be any valid INTERNAL NAME; it need not be an MN.
 | ||
|    In addition to support for other name types, it is recommended (newly
 | ||
|    as of GSS-V2, Update 1) that mechanisms be able to accept
 | ||
|    GSS_C_NO_NAME as an input type for targ_name.  While recommended,
 | ||
|    such support is not required, and it is recognized that not all
 | ||
|    mechanisms can construct tokens without explicitly naming the context
 | ||
|    target, even when mutual authentication of the target is not
 | ||
|    obtained.  Callers wishing to make use of this facility and concerned
 | ||
|    with portability should be aware that support for GSS_C_NO_NAME as
 | ||
|    input targ_name type is unlikely to be provided within mechanism
 | ||
|    definitions specified prior to GSS-V2, Update 1.
 | ||
| 
 | ||
|    The claimant_cred_handle must correspond to the same valid
 | ||
|    credentials structure on the initial call to GSS_Init_sec_context()
 | ||
|    and on any successor calls resulting from GSS_S_CONTINUE_NEEDED
 | ||
|    status returns; different protocol sequences modeled by the
 | ||
|    GSS_S_CONTINUE_NEEDED facility will require access to credentials at
 | ||
|    different points in the context establishment sequence.
 | ||
| 
 | ||
|    The caller-provided input_context_handle argument is to be 0
 | ||
|    (GSS_C_NO_CONTEXT), specifying "not yet assigned", on the first
 | ||
|    GSS_Init_sec_context()  call relating to a given context. If
 | ||
|    successful (i.e., if accompanied by major_status GSS_S_COMPLETE or
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 45]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    GSS_S_CONTINUE_NEEDED), and only if successful, the initial
 | ||
|    GSS_Init_sec_context() call returns a non-zero output_context_handle
 | ||
|    for use in future references to this context.  Once a non-zero
 | ||
|    output_context_handle has been returned, GSS-API callers should call
 | ||
|    GSS_Delete_sec_context() to release context-related resources if
 | ||
|    errors occur in later phases of context establishment, or when an
 | ||
|    established context is no longer required. If GSS_Init_sec_context()
 | ||
|    is passed the handle of a context which is already fully established,
 | ||
|    GSS_S_FAILURE status is returned.
 | ||
| 
 | ||
|    When continuation attempts to GSS_Init_sec_context() are needed to
 | ||
|    perform context establishment, the previously-returned non-zero
 | ||
|    handle value is entered into the input_context_handle argument and
 | ||
|    will be echoed in the returned output_context_handle argument. On
 | ||
|    such continuation attempts (and only on continuation attempts) the
 | ||
|    input_token value is used, to provide the token returned from the
 | ||
|    context's target.
 | ||
| 
 | ||
|    The chan_bindings argument is used by the caller to provide
 | ||
|    information binding the security context to security-related
 | ||
|    characteristics (e.g., addresses, cryptographic keys) of the
 | ||
|    underlying communications channel. See Section 1.1.6 of this document
 | ||
|    for more discussion of this argument's usage.
 | ||
| 
 | ||
|    The input_token argument contains a message received from the target,
 | ||
|    and is significant only on a call to GSS_Init_sec_context() which
 | ||
|    follows a previous return indicating GSS_S_CONTINUE_NEEDED
 | ||
|    major_status.
 | ||
| 
 | ||
|    It is the caller's responsibility to establish a communications path
 | ||
|    to the target, and to transmit any returned output_token (independent
 | ||
|    of the accompanying returned major_status value) to the target over
 | ||
|    that path. The output_token can, however, be transmitted along with
 | ||
|    the first application-provided input message to be processed by
 | ||
|    GSS_GetMIC() or GSS_Wrap() in conjunction with a successfully-
 | ||
|    established context. (Note: when the GSS-V2 prot_ready_state
 | ||
|    indicator is returned TRUE, it can be possible to transfer a
 | ||
|    protected message before context establishment is complete:  see also
 | ||
|    Section 1.2.7)
 | ||
| 
 | ||
|    The initiator may request various context-level functions through
 | ||
|    input flags: the deleg_req_flag requests delegation of access rights,
 | ||
|    the mutual_req_flag requests mutual authentication, the
 | ||
|    replay_det_req_flag requests that replay detection features be
 | ||
|    applied to messages transferred on the established context, and the
 | ||
|    sequence_req_flag requests that sequencing be enforced. (See Section
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 46]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    1.2.3 for more information on replay detection and sequencing
 | ||
|    features.)  The anon_req_flag requests that the initiator's identity
 | ||
|    not be transferred within tokens to be sent to the acceptor.
 | ||
| 
 | ||
|    The conf_req_flag and integ_req_flag provide informatory inputs to
 | ||
|    the GSS-API implementation as to whether, respectively, per-message
 | ||
|    confidentiality and per-message integrity services will be required
 | ||
|    on the context.  This information is important as an input to
 | ||
|    negotiating mechanisms.  It is important to recognize, however, that
 | ||
|    the inclusion of these flags (which are newly defined for GSS-V2)
 | ||
|    introduces a backward incompatibility with callers implemented to
 | ||
|    GSS-V1, where the flags were not defined.  Since no GSS-V1 callers
 | ||
|    would set these flags, even if per-message services are desired,
 | ||
|    GSS-V2 mechanism implementations which enable such services
 | ||
|    selectively based on the flags' values may fail to provide them to
 | ||
|    contexts established for GSS-V1 callers.  It may be appropriate under
 | ||
|    certain circumstances, therefore, for such mechanism implementations
 | ||
|    to infer these service request flags to be set if a caller is known
 | ||
|    to be implemented to GSS-V1.
 | ||
| 
 | ||
|    Not all of the optionally-requestable features will be available in
 | ||
|    all underlying mech_types. The corresponding return state values
 | ||
|    deleg_state, mutual_state, replay_det_state, and sequence_state
 | ||
|    indicate, as a function of mech_type processing capabilities and
 | ||
|    initiator-provided input flags, the set of features which will be
 | ||
|    active on the context.  The returned trans_state value indicates
 | ||
|    whether the context is transferable to other processes through use of
 | ||
|    GSS_Export_sec_context().  These state indicators' values are
 | ||
|    undefined unless either the routine's major_status indicates
 | ||
|    GSS_S_COMPLETE, or TRUE prot_ready_state is returned along with
 | ||
|    GSS_S_CONTINUE_NEEDED major_status; for the latter case, it is
 | ||
|    possible that additional features, not confirmed or indicated along
 | ||
|    with TRUE prot_ready_state, will be confirmed and indicated when
 | ||
|    GSS_S_COMPLETE is subsequently returned.
 | ||
| 
 | ||
|    The returned anon_state and prot_ready_state values are significant
 | ||
|    for both GSS_S_COMPLETE and GSS_S_CONTINUE_NEEDED major_status
 | ||
|    returns from GSS_Init_sec_context(). When anon_state is returned
 | ||
|    TRUE, this indicates that neither the current token nor its
 | ||
|    predecessors delivers or has delivered the initiator's identity.
 | ||
|    Callers wishing to perform context establishment only if anonymity
 | ||
|    support is provided should transfer a returned token from
 | ||
|    GSS_Init_sec_context() to the peer only if it is accompanied by a
 | ||
|    TRUE anon_state indicator.  When prot_ready_state is returned TRUE in
 | ||
|    conjunction with GSS_S_CONTINUE_NEEDED major_status, this indicates
 | ||
|    that per-message protection operations may be applied on the context:
 | ||
|    see Section 1.2.7 for further discussion of this facility.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 47]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Failure to provide the precise set of features requested by the
 | ||
|    caller does not cause context establishment to fail; it is the
 | ||
|    caller's prerogative to delete the context if the feature set
 | ||
|    provided is unsuitable for the caller's use.
 | ||
| 
 | ||
|    The returned mech_type value indicates the specific mechanism
 | ||
|    employed on the context; it will never indicate the value for
 | ||
|    "default".  A valid mech_type result must be returned along with a
 | ||
|    GSS_S_COMPLETE status return; GSS-API implementations may (but are
 | ||
|    not required to) also return mech_type along with predecessor calls
 | ||
|    indicating GSS_S_CONTINUE_NEEDED status or (if a mechanism is
 | ||
|    determinable) in conjunction with fatal error cases.  For the case of
 | ||
|    mechanisms which themselves perform negotiation, the returned
 | ||
|    mech_type result may indicate selection of a mechanism identified by
 | ||
|    an OID different than that passed in the input mech_type argument,
 | ||
|    and the returned value may change between successive calls returning
 | ||
|    GSS_S_CONTINUE_NEEDED and the final call returning GSS_S_COMPLETE.
 | ||
| 
 | ||
|    The conf_avail return value indicates whether the context supports
 | ||
|    per-message confidentiality services, and so informs the caller
 | ||
|    whether or not a request for encryption through the conf_req_flag
 | ||
|    input to GSS_Wrap() can be honored. In similar fashion, the
 | ||
|    integ_avail return value indicates whether per-message integrity
 | ||
|    services are available (through either GSS_GetMIC() or GSS_Wrap()) on
 | ||
|    the established context. These state indicators' values are undefined
 | ||
|    unless either the routine's major_status indicates GSS_S_COMPLETE, or
 | ||
|    TRUE prot_ready_state is returned along with GSS_S_CONTINUE_NEEDED
 | ||
|    major_status.
 | ||
| 
 | ||
|    The lifetime_req input specifies a desired upper bound for the
 | ||
|    lifetime of the context to be established, with a value of 0 used to
 | ||
|    request a default lifetime. The lifetime_rec return value indicates
 | ||
|    the length of time for which the context will be valid, expressed as
 | ||
|    an offset from the present; depending on mechanism capabilities,
 | ||
|    credential lifetimes, and local policy, it may not correspond to the
 | ||
|    value requested in lifetime_req.  If no constraints on context
 | ||
|    lifetime are imposed, this may be indicated by returning a reserved
 | ||
|    value representing INDEFINITE lifetime_req. The value of lifetime_rec
 | ||
|    is undefined unless the routine's major_status indicates
 | ||
|    GSS_S_COMPLETE.
 | ||
| 
 | ||
|    If the mutual_state is TRUE, this fact will be reflected within the
 | ||
|    output_token. A call to GSS_Accept_sec_context() at the target in
 | ||
|    conjunction with such a context will return a token, to be processed
 | ||
|    by a continuation call to GSS_Init_sec_context(), in order to achieve
 | ||
|    mutual authentication.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 48]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 2.2.2:  GSS_Accept_sec_context call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  acceptor_cred_handle CREDENTIAL HANDLE, -- NULL specifies
 | ||
|    -- "use default"
 | ||
| 
 | ||
|    o  input_context_handle CONTEXT HANDLE, -- 0
 | ||
|    -- (GSS_C_NO_CONTEXT) specifies "not yet assigned"
 | ||
| 
 | ||
|    o  chan_bindings OCTET STRING,
 | ||
| 
 | ||
|    o  input_token OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  src_name INTERNAL NAME, -- guaranteed to be MN
 | ||
|    -- once returned, caller must release with GSS_Release_name()
 | ||
| 
 | ||
|    o  mech_type OBJECT IDENTIFIER, -- caller should treat as
 | ||
|    -- read-only; does not need to be released
 | ||
| 
 | ||
|    o  output_context_handle CONTEXT HANDLE, -- once returned
 | ||
|    -- non-NULL in context establishment sequence, caller
 | ||
|    -- must release with GSS_Delete_sec_context()
 | ||
| 
 | ||
|    o  deleg_state BOOLEAN,
 | ||
| 
 | ||
|    o  mutual_state BOOLEAN,
 | ||
| 
 | ||
|    o  replay_det_state BOOLEAN,
 | ||
| 
 | ||
|    o  sequence_state BOOLEAN,
 | ||
| 
 | ||
|    o  anon_state BOOLEAN,
 | ||
| 
 | ||
|    o  trans_state BOOLEAN,
 | ||
| 
 | ||
|    o  prot_ready_state BOOLEAN, -- see Section 1.2.7 for discussion
 | ||
| 
 | ||
|    o  conf_avail BOOLEAN,
 | ||
| 
 | ||
|    o  integ_avail BOOLEAN,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 49]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  lifetime_rec INTEGER, -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    o  delegated_cred_handle CREDENTIAL HANDLE, -- if returned non-NULL,
 | ||
|    -- caller must release with GSS_Release_cred()
 | ||
| 
 | ||
|    o  output_token OCTET STRING -- NULL or token to pass to context
 | ||
|    -- initiator; if returned non-NULL, caller must release with
 | ||
|    -- GSS_Release_buffer()
 | ||
| 
 | ||
|    This call may block pending network interactions for those mech_types
 | ||
|    in which a directory service or other network entity must be
 | ||
|    consulted on behalf of a context acceptor in order to validate a
 | ||
|    received input_token.
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that context-level data structures were
 | ||
|    successfully initialized, and that per-message processing can now be
 | ||
|    performed in conjunction with this context.
 | ||
| 
 | ||
|    o  GSS_S_CONTINUE_NEEDED indicates that control information in the
 | ||
|    returned output_token must be sent to the initiator, and that a
 | ||
|    response must be received and passed as the input_token argument to a
 | ||
|    continuation call to GSS_Accept_sec_context(), before per-message
 | ||
|    processing can be performed in conjunction with this context.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_TOKEN indicates that consistency checks performed
 | ||
|    on the input_token failed, preventing further processing from being
 | ||
|    performed based on that token.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_CREDENTIAL indicates that consistency checks
 | ||
|    performed on the credential structure referenced by
 | ||
|    acceptor_cred_handle failed, preventing further processing from being
 | ||
|    performed using that credential structure.
 | ||
| 
 | ||
|    o  GSS_S_BAD_SIG (GSS_S_BAD_MIC) indicates that the received
 | ||
|    input_token contains an incorrect integrity check, so context setup
 | ||
|    cannot be accomplished.
 | ||
| 
 | ||
|    o  GSS_S_DUPLICATE_TOKEN indicates that the integrity check on the
 | ||
|    received input_token was correct, but that the input_token was
 | ||
|    recognized as a duplicate of an input_token already processed. No new
 | ||
|    context is established.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 50]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_OLD_TOKEN indicates that the integrity check on the received
 | ||
|    input_token was correct, but that the input_token is too old to be
 | ||
|    checked for duplication against previously-processed input_tokens. No
 | ||
|    new context is established.
 | ||
| 
 | ||
|    o  GSS_S_NO_CRED indicates that no context was established, either
 | ||
|    because the input cred_handle was invalid, because the referenced
 | ||
|    credentials are valid for context initiator use only, because the
 | ||
|    caller lacks authorization to access the referenced credentials, or
 | ||
|    because the procedure for default credential resolution failed.
 | ||
| 
 | ||
|    o  GSS_S_CREDENTIALS_EXPIRED indicates that the credentials provided
 | ||
|    through the input acceptor_cred_handle argument are no longer valid,
 | ||
|    so context establishment cannot be completed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_BINDINGS indicates that a mismatch between the caller-
 | ||
|    provided chan_bindings and those extracted from the input_token was
 | ||
|    detected, signifying a security-relevant event and preventing context
 | ||
|    establishment.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided; this major status will be
 | ||
|    returned only for successor calls following GSS_S_CONTINUE_ NEEDED
 | ||
|    status returns.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates receipt of a context establishment token
 | ||
|    specifying a mechanism unsupported by the local system or with the
 | ||
|    caller's active credentials.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that context setup could not be
 | ||
|    accomplished for reasons unspecified at the GSS-API level, and that
 | ||
|    no interface-defined recovery action is available.
 | ||
| 
 | ||
|    The GSS_Accept_sec_context() routine is used by a context target.
 | ||
|    Using information in the credentials structure referenced by the
 | ||
|    input acceptor_cred_handle, it verifies the incoming input_token and
 | ||
|    (following the successful completion of a context establishment
 | ||
|    sequence) returns the authenticated src_name and the mech_type used.
 | ||
|    The returned src_name is guaranteed to be an MN, processed by the
 | ||
|    mechanism under which the context was established. The
 | ||
|    acceptor_cred_handle must correspond to the same valid credentials
 | ||
|    structure on the initial call to GSS_Accept_sec_context() and on any
 | ||
|    successor calls resulting from GSS_S_CONTINUE_NEEDED status returns;
 | ||
|    different protocol sequences modeled by the GSS_S_CONTINUE_NEEDED
 | ||
|    mechanism will require access to credentials at different points in
 | ||
|    the context establishment sequence.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 51]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    The caller-provided input_context_handle argument is to be 0
 | ||
|    (GSS_C_NO_CONTEXT), specifying "not yet assigned", on the first
 | ||
|    GSS_Accept_sec_context() call relating to a given context. If
 | ||
|    successful (i.e., if accompanied by major_status GSS_S_COMPLETE or
 | ||
|    GSS_S_CONTINUE_NEEDED), and only if successful, the initial
 | ||
|    GSS_Accept_sec_context() call returns a non-zero
 | ||
|    output_context_handle for use in future references to this context.
 | ||
|    Once a non-zero output_context_handle has been returned, GSS-API
 | ||
|    callers should call GSS_Delete_sec_context() to release context-
 | ||
|    related resources if errors occur in later phases of context
 | ||
|    establishment, or when an established context is no longer required.
 | ||
|    If GSS_Accept_sec_context() is passed the handle of a context which
 | ||
|    is already fully established, GSS_S_FAILURE status is returned.
 | ||
| 
 | ||
|    The chan_bindings argument is used by the caller to provide
 | ||
|    information binding the security context to security-related
 | ||
|    characteristics (e.g., addresses, cryptographic keys) of the
 | ||
|    underlying communications channel. See Section 1.1.6 of this document
 | ||
|    for more discussion of this argument's usage.
 | ||
| 
 | ||
|    The returned state results (deleg_state, mutual_state,
 | ||
|    replay_det_state, sequence_state, anon_state, trans_state, and
 | ||
|    prot_ready_state) reflect the same information as described for
 | ||
|    GSS_Init_sec_context(), and their values are significant under the
 | ||
|    same return state conditions.
 | ||
| 
 | ||
|    The conf_avail return value indicates whether the context supports
 | ||
|    per-message confidentiality services, and so informs the caller
 | ||
|    whether or not a request for encryption through the conf_req_flag
 | ||
|    input to GSS_Wrap() can be honored. In similar fashion, the
 | ||
|    integ_avail return value indicates whether per-message integrity
 | ||
|    services are available (through either GSS_GetMIC()  or GSS_Wrap())
 | ||
|    on the established context.  These values are significant under the
 | ||
|    same return state conditions as described under
 | ||
|    GSS_Init_sec_context().
 | ||
| 
 | ||
|    The lifetime_rec return value is significant only in conjunction with
 | ||
|    GSS_S_COMPLETE major_status, and indicates the length of time for
 | ||
|    which the context will be valid, expressed as an offset from the
 | ||
|    present.
 | ||
| 
 | ||
|    The returned mech_type value indicates the specific mechanism
 | ||
|    employed on the context; it will never indicate the value for
 | ||
|    "default".  A valid mech_type result must be returned whenever
 | ||
|    GSS_S_COMPLETE status is indicated; GSS-API implementations may (but
 | ||
|    are not required to) also return mech_type along with predecessor
 | ||
|    calls indicating GSS_S_CONTINUE_NEEDED status or (if a mechanism is
 | ||
|    determinable) in conjunction with fatal error cases.  For the case of
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 52]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    mechanisms which themselves perform negotiation, the returned
 | ||
|    mech_type result may indicate selection of a mechanism identified by
 | ||
|    an OID different than that passed in the input mech_type argument,
 | ||
|    and the returned value may change between successive calls returning
 | ||
|    GSS_S_CONTINUE_NEEDED and the final call returning GSS_S_COMPLETE.
 | ||
| 
 | ||
|    The delegated_cred_handle result is significant only when deleg_state
 | ||
|    is TRUE, and provides a means for the target to reference the
 | ||
|    delegated credentials. The output_token result, when non-NULL,
 | ||
|    provides a context-level token to be returned to the context
 | ||
|    initiator to continue a multi-step context establishment sequence. As
 | ||
|    noted with GSS_Init_sec_context(), any returned token should be
 | ||
|    transferred to the context's peer (in this case, the context
 | ||
|    initiator), independent of the value of the accompanying returned
 | ||
|    major_status.
 | ||
| 
 | ||
|    Note: A target must be able to distinguish a context-level
 | ||
|    input_token, which is passed to GSS_Accept_sec_context(), from the
 | ||
|    per-message data elements passed to GSS_VerifyMIC()  or GSS_Unwrap().
 | ||
|    These data elements may arrive in a single application message, and
 | ||
|    GSS_Accept_sec_context() must be performed before per-message
 | ||
|    processing can be performed successfully.
 | ||
| 
 | ||
| 2.2.3: GSS_Delete_sec_context call
 | ||
| 
 | ||
|    Input:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  output_context_token OCTET STRING
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the context was recognized, and that
 | ||
|    relevant context-specific information was flushed.  If the caller
 | ||
|    provides a non-null buffer to receive an output_context_token, and
 | ||
|    the mechanism returns a non-NULL token into that buffer, the returned
 | ||
|    output_context_token is ready for transfer to the context's peer.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided, so no deletion was performed.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 53]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the context is recognized, but that
 | ||
|    the GSS_Delete_sec_context() operation could not be performed for
 | ||
|    reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    This call can be made by either peer in a security context, to flush
 | ||
|    context-specific information. Once a non-zero output_context_handle
 | ||
|    has been returned by context establishment calls, GSS-API callers
 | ||
|    should call GSS_Delete_sec_context() to release context-related
 | ||
|    resources if errors occur in later phases of context establishment,
 | ||
|    or when an established context is no longer required.  This call may
 | ||
|    block pending network interactions for mech_types in which active
 | ||
|    notification must be made to a central server when a security context
 | ||
|    is to be deleted.
 | ||
| 
 | ||
|    If a non-null output_context_token parameter is provided by the
 | ||
|    caller, an output_context_token may be returned to the caller.  If an
 | ||
|    output_context_token is provided to the caller, it can be passed to
 | ||
|    the context's peer to inform the peer's GSS-API implementation that
 | ||
|    the peer's corresponding context information can also be flushed.
 | ||
|    (Once a context is established, the peers involved are expected to
 | ||
|    retain cached credential and context-related information until the
 | ||
|    information's expiration time is reached or until a
 | ||
|    GSS_Delete_sec_context() call is made.)
 | ||
| 
 | ||
|    The facility for context_token usage to signal context deletion is
 | ||
|    retained for compatibility with GSS-API Version 1.  For current
 | ||
|    usage, it is recommended that both peers to a context invoke
 | ||
|    GSS_Delete_sec_context() independently, passing a null
 | ||
|    output_context_token buffer to indicate that no context_token is
 | ||
|    required.  Implementations of GSS_Delete_sec_context() should delete
 | ||
|    relevant locally-stored context information.
 | ||
| 
 | ||
|    Attempts to perform per-message processing on a deleted context will
 | ||
|    result in error returns.
 | ||
| 
 | ||
| 2.2.4:  GSS_Process_context_token call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    o  input_context_token OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 54]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the input_context_token was
 | ||
|    successfully processed in conjunction with the context referenced by
 | ||
|    context_handle.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_TOKEN indicates that consistency checks performed
 | ||
|    on the received context_token failed, preventing further processing
 | ||
|    from being performed with that token.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the context is recognized, but that
 | ||
|    the GSS_Process_context_token() operation could not be performed for
 | ||
|    reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    This call is used to process context_tokens received from a peer once
 | ||
|    a context has been established, with corresponding impact on
 | ||
|    context-level state information. One use for this facility is
 | ||
|    processing of the context_tokens generated by
 | ||
|    GSS_Delete_sec_context(); GSS_Process_context_token() will not block
 | ||
|    pending network interactions for that purpose. Another use is to
 | ||
|    process tokens indicating remote-peer context establishment failures
 | ||
|    after the point where the local GSS-API implementation has already
 | ||
|    indicated GSS_S_COMPLETE status.
 | ||
| 
 | ||
| 2.2.5:  GSS_Context_time call
 | ||
| 
 | ||
|    Input:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  lifetime_rec INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the referenced context is valid, and
 | ||
|    will remain valid for the amount of time indicated in lifetime_rec.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 55]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_CONTEXT_EXPIRED indicates that data items related to the
 | ||
|    referenced context have expired.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation failed for
 | ||
|    reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    This call is used to determine the amount of time for which a
 | ||
|    currently established context will remain valid.
 | ||
| 
 | ||
| 2.2.6: GSS_Inquire_context call
 | ||
| 
 | ||
|    Input:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  src_name INTERNAL NAME,  -- name of context initiator,
 | ||
|    -- guaranteed to be MN;
 | ||
|    -- caller must release with GSS_Release_name() if returned
 | ||
| 
 | ||
|    o  targ_name INTERNAL NAME,  -- name of context target,
 | ||
|    -- guaranteed to be MN;
 | ||
|    -- caller must release with GSS_Release_name() if returned
 | ||
| 
 | ||
|    o  lifetime_rec INTEGER -- in seconds, or reserved value for
 | ||
|    -- INDEFINITE or EXPIRED
 | ||
| 
 | ||
|    o  mech_type OBJECT IDENTIFIER, -- the mechanism supporting this
 | ||
|    -- security context; caller should treat as read-only and not
 | ||
|    -- attempt to release
 | ||
| 
 | ||
|    o  deleg_state BOOLEAN,
 | ||
| 
 | ||
|    o  mutual_state BOOLEAN,
 | ||
| 
 | ||
|    o  replay_det_state BOOLEAN,
 | ||
| 
 | ||
|    o  sequence_state BOOLEAN,
 | ||
| 
 | ||
|    o  anon_state BOOLEAN,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 56]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  trans_state BOOLEAN,
 | ||
| 
 | ||
|    o  prot_ready_state BOOLEAN,
 | ||
| 
 | ||
|    o  conf_avail BOOLEAN,
 | ||
| 
 | ||
|    o  integ_avail BOOLEAN,
 | ||
| 
 | ||
|    o  locally_initiated BOOLEAN, -- TRUE if initiator, FALSE if acceptor
 | ||
| 
 | ||
|    o  open BOOLEAN, -- TRUE if context fully established, FALSE
 | ||
|    -- if partly established (in CONTINUE_NEEDED state)
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the referenced context is valid and
 | ||
|    that deleg_state, mutual_state, replay_det_state, sequence_state,
 | ||
|    anon_state, trans_state, prot_ready_state, conf_avail, integ_avail,
 | ||
|    locally_initiated, and open return values describe the corresponding
 | ||
|    characteristics of the context.  If open is TRUE, lifetime_rec is
 | ||
|    also returned: if open is TRUE and the context peer's name is known,
 | ||
|    src_name and targ_name are valid in addition to the values listed
 | ||
|    above.  The mech_type value must be returned for contexts where open
 | ||
|    is TRUE and may be returned for contexts where open is FALSE.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation failed for
 | ||
|    reasons unspecified at the GSS-API level. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    This call is used to extract information describing characteristics
 | ||
|    of a security context.  Note that GSS-API implementations are
 | ||
|    expected to retain inquirable context data on a context until the
 | ||
|    context is released by a caller, even after the context has expired,
 | ||
|    although underlying cryptographic data elements may be deleted after
 | ||
|    expiration in order to limit their exposure.
 | ||
| 
 | ||
| 2.2.7:   GSS_Wrap_size_limit call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    o  conf_req_flag BOOLEAN,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 57]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  qop INTEGER,
 | ||
| 
 | ||
|    o  output_size INTEGER
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  max_input_size INTEGER
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates a successful token size determination:
 | ||
|    an input message with a length in octets equal to the returned
 | ||
|    max_input_size value will, when passed to GSS_Wrap() for processing
 | ||
|    on the context identified by the context_handle parameter with the
 | ||
|    confidentiality request state as provided in conf_req_flag and with
 | ||
|    the quality of protection specifier provided in the qop parameter,
 | ||
|    yield an output token no larger than the value of the provided
 | ||
|    output_size parameter.
 | ||
| 
 | ||
|    o  GSS_S_CONTEXT_EXPIRED indicates that the provided input
 | ||
|    context_handle is recognized, but that the referenced context has
 | ||
|    expired.  Return values other than major_status and minor_status are
 | ||
|    undefined.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_BAD_QOP indicates that the provided QOP value is not
 | ||
|    recognized or supported for the context.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation failed for
 | ||
|    reasons unspecified at the GSS-API level. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    This call is used to determine the largest input datum which may be
 | ||
|    passed to GSS_Wrap() without yielding an output token larger than a
 | ||
|    caller-specified value.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 58]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 2.2.8:   GSS_Export_sec_context call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  interprocess_token OCTET STRING  -- caller must release
 | ||
|    -- with GSS_Release_buffer()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the referenced context has been
 | ||
|    successfully exported to a representation in the interprocess_token,
 | ||
|    and is no longer available for use by the caller.
 | ||
| 
 | ||
|    o  GSS_S_UNAVAILABLE indicates that the context export facility is
 | ||
|    not available for use on the referenced context.  (This status should
 | ||
|    occur only for contexts for which the trans_state value is FALSE.)
 | ||
|    Return values other than major_status and minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_CONTEXT_EXPIRED indicates that the provided input
 | ||
|    context_handle is recognized, but that the referenced context has
 | ||
|    expired.  Return values other than major_status and minor_status are
 | ||
|    undefined.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no valid context was recognized
 | ||
|    for the input context_handle provided. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation failed for
 | ||
|    reasons unspecified at the GSS-API level. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    This call generates an interprocess token for transfer to another
 | ||
|    process within an end system, in order to transfer control of a
 | ||
|    security context to that process.  The recipient of the interprocess
 | ||
|    token will call GSS_Import_sec_context() to accept the transfer.  The
 | ||
|    GSS_Export_sec_context() operation is defined for use only with
 | ||
|    security contexts which are fully and successfully established (i.e.,
 | ||
|    those for which GSS_Init_sec_context() and GSS_Accept_sec_context()
 | ||
|    have returned GSS_S_COMPLETE major_status).
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 59]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    A successful GSS_Export_sec_context() operation deactivates the
 | ||
|    security context for the calling process; for this case, the GSS-API
 | ||
|    implementation shall deallocate all process-wide resources associated
 | ||
|    with the security context and shall set the context_handle to
 | ||
|    GSS_C_NO_CONTEXT.  In the event of an error that makes it impossible
 | ||
|    to complete export of the security context, the GSS-API
 | ||
|    implementation must not return an interprocess token and should
 | ||
|    strive to leave the security context referenced by the context_handle
 | ||
|    untouched.  If this is impossible, it is permissible for the
 | ||
|    implementation to delete the security context, provided that it also
 | ||
|    sets the context_handle parameter to GSS_C_NO_CONTEXT.
 | ||
| 
 | ||
|    Portable callers must not assume that a given interprocess token can
 | ||
|    be imported by GSS_Import_sec_context() more than once, thereby
 | ||
|    creating multiple instantiations of a single context.  GSS-API
 | ||
|    implementations may detect and reject attempted multiple imports, but
 | ||
|    are not required to do so.
 | ||
| 
 | ||
|    The internal representation contained within the interprocess token
 | ||
|    is an implementation-defined local matter.  Interprocess tokens
 | ||
|    cannot be assumed to be transferable across different GSS-API
 | ||
|    implementations.
 | ||
| 
 | ||
|    It is recommended that GSS-API implementations adopt policies suited
 | ||
|    to their operational environments in order to define the set of
 | ||
|    processes eligible to import a context, but specific constraints in
 | ||
|    this area are local matters.  Candidate examples include transfers
 | ||
|    between processes operating on behalf of the same user identity, or
 | ||
|    processes comprising a common job.  However, it may be impossible to
 | ||
|    enforce such policies in some implementations.
 | ||
| 
 | ||
|    In support of the above goals, implementations may protect the
 | ||
|    transferred context data by using cryptography to protect data within
 | ||
|    the interprocess token, or by using interprocess tokens as a means to
 | ||
|    reference local interprocess communication facilities (protected by
 | ||
|    other means) rather than storing the context data directly within the
 | ||
|    tokens.
 | ||
| 
 | ||
|    Transfer of an open context may, for certain mechanisms and
 | ||
|    implementations, reveal data about the credential which was used to
 | ||
|    establish the context.  Callers should, therefore, be cautious about
 | ||
|    the trustworthiness of processes to which they transfer contexts.
 | ||
|    Although the GSS-API implementation may provide its own set of
 | ||
|    protections over the exported context, the caller is responsible for
 | ||
|    protecting the interprocess token from disclosure, and for taking
 | ||
|    care that the context is transferred to an appropriate destination
 | ||
|    process.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 60]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 2.2.9:   GSS_Import_sec_context call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  interprocess_token OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE  -- if successfully returned,
 | ||
|    -- caller must release with GSS_Delete_sec_context()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the context represented by the input
 | ||
|    interprocess_token has been successfully transferred to the caller,
 | ||
|    and is available for future use via the output context_handle.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that the context represented by the
 | ||
|    input interprocess_token was invalid. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_TOKEN indicates that the input interprocess_token
 | ||
|    was defective.  Return values other than major_status and
 | ||
|    minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_UNAVAILABLE indicates that the context import facility is
 | ||
|    not available for use on the referenced context.  Return values other
 | ||
|    than major_status and minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_UNAUTHORIZED indicates that the context represented by the
 | ||
|    input interprocess_token is unauthorized for transfer to the caller.
 | ||
|    Return values other than major_status and minor_status are undefined.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation failed for
 | ||
|    reasons unspecified at the GSS-API level. Return values other than
 | ||
|    major_status and minor_status are undefined.
 | ||
| 
 | ||
|    This call processes an interprocess token generated by
 | ||
|    GSS_Export_sec_context(), making the transferred context available
 | ||
|    for use by the caller.  After a successful GSS_Import_sec_context()
 | ||
|    operation, the imported context is available for use by the importing
 | ||
|    process. In particular, the imported context is usable for all per-
 | ||
|    message operations and may be deleted or exported by its importer.
 | ||
|    The inability to receive delegated credentials through
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 61]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    gss_import_sec_context() precludes establishment of new contexts
 | ||
|    based on information delegated to the importer's end system within
 | ||
|    the context which is being imported, unless those delegated
 | ||
|    credentials are obtained through separate routines (e.g., XGSS-API
 | ||
|    calls) outside the GSS-V2 definition.
 | ||
| 
 | ||
|    For further discussion of the security and authorization issues
 | ||
|    regarding this call, please see the discussion in Section 2.2.8.
 | ||
| 
 | ||
| 2.3:  Per-message calls
 | ||
| 
 | ||
|    This group of calls is used to perform per-message protection
 | ||
|    processing on an established security context. None of these calls
 | ||
|    block pending network interactions. These calls may be invoked by a
 | ||
|    context's initiator or by the context's target.  The four members of
 | ||
|    this group should be considered as two pairs; the output from
 | ||
|    GSS_GetMIC() is properly input to GSS_VerifyMIC(), and the output
 | ||
|    from GSS_Wrap() is properly input to GSS_Unwrap().
 | ||
| 
 | ||
|    GSS_GetMIC() and GSS_VerifyMIC() support data origin authentication
 | ||
|    and data integrity services. When GSS_GetMIC() is invoked on an input
 | ||
|    message, it yields a per-message token containing data items which
 | ||
|    allow underlying mechanisms to provide the specified security
 | ||
|    services. The original message, along with the generated per-message
 | ||
|    token, is passed to the remote peer; these two data elements are
 | ||
|    processed by GSS_VerifyMIC(), which validates the message in
 | ||
|    conjunction with the separate token.
 | ||
| 
 | ||
|    GSS_Wrap() and GSS_Unwrap() support caller-requested confidentiality
 | ||
|    in addition to the data origin authentication and data integrity
 | ||
|    services offered by GSS_GetMIC() and GSS_VerifyMIC(). GSS_Wrap()
 | ||
|    outputs a single data element, encapsulating optionally enciphered
 | ||
|    user data as well as associated token data items.  The data element
 | ||
|    output from GSS_Wrap() is passed to the remote peer and processed by
 | ||
|    GSS_Unwrap() at that system. GSS_Unwrap() combines decipherment (as
 | ||
|    required) with validation of data items related to authentication and
 | ||
|    integrity.
 | ||
| 
 | ||
|    Although zero-length tokens are never returned by GSS calls for
 | ||
|    transfer to a context's peer, a zero-length object may be passed by a
 | ||
|    caller into GSS_Wrap(), in which case the corresponding peer calling
 | ||
|    GSS_Unwrap() on the transferred token will receive a zero-length
 | ||
|    object as output from GSS_Unwrap().  Similarly, GSS_GetMIC() can be
 | ||
|    called on an empty object, yielding a MIC which GSS_VerifyMIC() will
 | ||
|    successfully verify against the active security context in
 | ||
|    conjunction with a zero-length object.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 62]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 2.3.1:  GSS_GetMIC call
 | ||
| 
 | ||
|    Note: This call is functionally equivalent to the GSS_Sign call as
 | ||
|    defined in previous versions of this specification. In the interests
 | ||
|    of backward compatibility, it is recommended that implementations
 | ||
|    support this function under both names for the present; future
 | ||
|    references to this function as GSS_Sign are deprecated.
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    o  qop_req INTEGER, -- 0 specifies default QOP
 | ||
| 
 | ||
|    o  message OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  per_msg_token OCTET STRING  -- caller must release
 | ||
|    -- with GSS_Release_buffer()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that an integrity check, suitable for an
 | ||
|    established security context, was successfully applied and that the
 | ||
|    message and corresponding per_msg_token are ready for transmission.
 | ||
| 
 | ||
|    o  GSS_S_CONTEXT_EXPIRED indicates that context-related data items
 | ||
|    have expired, so that the requested operation cannot be performed.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no context was recognized for the
 | ||
|    input context_handle provided.
 | ||
| 
 | ||
|    o  GSS_S_BAD_QOP indicates that the provided QOP value is not
 | ||
|    recognized or supported for the context.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the context is recognized, but that
 | ||
|    the requested operation could not be performed for reasons
 | ||
|    unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Using the security context referenced by context_handle, apply an
 | ||
|    integrity check to the input message (along with timestamps and/or
 | ||
|    other data included in support of mech_type-specific mechanisms) and
 | ||
|    (if GSS_S_COMPLETE status is indicated) return the result in
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 63]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    per_msg_token. The qop_req parameter, interpretation of which is
 | ||
|    discussed in Section 1.2.4, allows quality-of-protection control. The
 | ||
|    caller passes the message and the per_msg_token to the target.
 | ||
| 
 | ||
|    The GSS_GetMIC() function completes before the message and
 | ||
|    per_msg_token is sent to the peer; successful application of
 | ||
|    GSS_GetMIC() does not guarantee that a corresponding GSS_VerifyMIC()
 | ||
|    has been (or can necessarily be) performed successfully when the
 | ||
|    message arrives at the destination.
 | ||
| 
 | ||
|    Mechanisms which do not support per-message protection services
 | ||
|    should return GSS_S_FAILURE if this routine is called.
 | ||
| 
 | ||
| 2.3.2:  GSS_VerifyMIC call
 | ||
| 
 | ||
|    Note: This call is functionally equivalent to the GSS_Verify call as
 | ||
|    defined in previous versions of this specification. In the interests
 | ||
|    of backward compatibility, it is recommended that implementations
 | ||
|    support this function under both names for the present; future
 | ||
|    references to this function as GSS_Verify are deprecated.
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    o  message OCTET STRING,
 | ||
| 
 | ||
|    o  per_msg_token OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  qop_state INTEGER,
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the message was successfully
 | ||
|    verified.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_TOKEN indicates that consistency checks performed
 | ||
|    on the received per_msg_token failed, preventing further processing
 | ||
|    from being performed with that token.
 | ||
| 
 | ||
|    o  GSS_S_BAD_SIG (GSS_S_BAD_MIC) indicates that the received
 | ||
|    per_msg_token contains an incorrect integrity check for the message.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 64]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, and
 | ||
|    GSS_S_GAP_TOKEN values appear in conjunction with the optional per-
 | ||
|    message replay detection features described in Section 1.2.3; their
 | ||
|    semantics are described in that section.
 | ||
| 
 | ||
|    o  GSS_S_CONTEXT_EXPIRED indicates that context-related data items
 | ||
|    have expired, so that the requested operation cannot be performed.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no context was recognized for the
 | ||
|    input context_handle provided.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the context is recognized, but that
 | ||
|    the GSS_VerifyMIC() operation could not be performed for reasons
 | ||
|    unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Using the security context referenced by context_handle, verify that
 | ||
|    the input per_msg_token contains an appropriate integrity check for
 | ||
|    the input message, and apply any active replay detection or
 | ||
|    sequencing features. Returns an indication of the quality-of-
 | ||
|    protection applied to the processed message in the qop_state result.
 | ||
| 
 | ||
|    Mechanisms which do not support per-message protection services
 | ||
|    should return GSS_S_FAILURE if this routine is called.
 | ||
| 
 | ||
| 2.3.3: GSS_Wrap call
 | ||
| 
 | ||
|    Note: This call is functionally equivalent to the GSS_Seal call as
 | ||
|    defined in previous versions of this specification. In the interests
 | ||
|    of backward compatibility, it is recommended that implementations
 | ||
|    support this function under both names for the present; future
 | ||
|    references to this function as GSS_Seal are deprecated.
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    o  conf_req_flag BOOLEAN,
 | ||
| 
 | ||
|    o  qop_req INTEGER, -- 0 specifies default QOP
 | ||
| 
 | ||
|    o  input_message OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 65]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  conf_state BOOLEAN,
 | ||
| 
 | ||
|    o  output_message OCTET STRING  -- caller must release with
 | ||
|    -- GSS_Release_buffer()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the input_message was successfully
 | ||
|    processed and that the output_message is ready for transmission.
 | ||
| 
 | ||
|    o  GSS_S_CONTEXT_EXPIRED indicates that context-related data items
 | ||
|    have expired, so that the requested operation cannot be performed.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no context was recognized for the
 | ||
|    input context_handle provided.
 | ||
| 
 | ||
|    o  GSS_S_BAD_QOP indicates that the provided QOP value is not
 | ||
|    recognized or supported for the context.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the context is recognized, but that
 | ||
|    the GSS_Wrap() operation could not be performed for reasons
 | ||
|    unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Performs the data origin authentication and data integrity functions
 | ||
|    of GSS_GetMIC().  If the input conf_req_flag is TRUE, requests that
 | ||
|    confidentiality be applied to the input_message.  Confidentiality may
 | ||
|    not be supported in all mech_types or by all implementations; the
 | ||
|    returned conf_state flag indicates whether confidentiality was
 | ||
|    provided for the input_message. The qop_req parameter, interpretation
 | ||
|    of which is discussed in Section 1.2.4, allows quality-of-protection
 | ||
|    control.
 | ||
| 
 | ||
|    When GSS_S_COMPLETE status is returned, the GSS_Wrap() call yields a
 | ||
|    single output_message data element containing (optionally enciphered)
 | ||
|    user data as well as control information.
 | ||
| 
 | ||
|    Mechanisms which do not support per-message protection services
 | ||
|    should return GSS_S_FAILURE if this routine is called.
 | ||
| 
 | ||
| 2.3.4: GSS_Unwrap call
 | ||
| 
 | ||
|    Note: This call is functionally equivalent to the GSS_Unseal call as
 | ||
|    defined in previous versions of this specification. In the interests
 | ||
|    of backward compatibility, it is recommended that implementations
 | ||
|    support this function under both names for the present; future
 | ||
|    references to this function as GSS_Unseal are deprecated.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 66]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  context_handle CONTEXT HANDLE,
 | ||
| 
 | ||
|    o  input_message OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  conf_state BOOLEAN,
 | ||
| 
 | ||
|    o  qop_state INTEGER,
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  output_message OCTET STRING  -- caller must release with
 | ||
|    -- GSS_Release_buffer()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the input_message was successfully
 | ||
|    processed and that the resulting output_message is available.
 | ||
| 
 | ||
|    o  GSS_S_DEFECTIVE_TOKEN indicates that consistency checks performed
 | ||
|    on the per_msg_token extracted from the input_message failed,
 | ||
|    preventing further processing from being performed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_SIG (GSS_S_BAD_MIC) indicates that an incorrect
 | ||
|    integrity check was detected for the message.
 | ||
| 
 | ||
|    o  GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, and
 | ||
|    GSS_S_GAP_TOKEN values appear in conjunction with the optional per-
 | ||
|    message replay detection features described in Section 1.2.3; their
 | ||
|    semantics are described in that section.
 | ||
| 
 | ||
|    o  GSS_S_CONTEXT_EXPIRED indicates that context-related data items
 | ||
|    have expired, so that the requested operation cannot be performed.
 | ||
| 
 | ||
|    o  GSS_S_NO_CONTEXT indicates that no context was recognized for the
 | ||
|    input context_handle provided.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the context is recognized, but that
 | ||
|    the GSS_Unwrap() operation could not be performed for reasons
 | ||
|    unspecified at the GSS-API level.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 67]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Processes a data element generated (and optionally enciphered) by
 | ||
|    GSS_Wrap(), provided as input_message. The returned conf_state value
 | ||
|    indicates whether confidentiality was applied to the input_message.
 | ||
|    If conf_state is TRUE, GSS_Unwrap() has deciphered the input_message.
 | ||
|    Returns an indication of the quality-of-protection applied to the
 | ||
|    processed message in the qop_state result. GSS_Unwrap() performs the
 | ||
|    data integrity and data origin authentication checking functions of
 | ||
|    GSS_VerifyMIC() on the plaintext data. Plaintext data is returned in
 | ||
|    output_message.
 | ||
| 
 | ||
|    Mechanisms which do not support per-message protection services
 | ||
|    should return GSS_S_FAILURE if this routine is called.
 | ||
| 
 | ||
| 2.4:  Support calls
 | ||
| 
 | ||
|    This group of calls provides support functions useful to GSS-API
 | ||
|    callers, independent of the state of established contexts. Their
 | ||
|    characterization with regard to blocking or non-blocking status in
 | ||
|    terms of network interactions is unspecified.
 | ||
| 
 | ||
| 2.4.1:  GSS_Display_status call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  status_value INTEGER, -- GSS-API major_status or minor_status
 | ||
|    -- return value
 | ||
| 
 | ||
|    o  status_type INTEGER, -- 1 if major_status, 2 if minor_status
 | ||
| 
 | ||
|    o  mech_type OBJECT IDENTIFIER -- mech_type to be used for
 | ||
|    -- minor_status translation
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  status_string_set SET OF OCTET STRING  -- required calls for
 | ||
|    -- release by caller are specific to language bindings
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that a valid printable status
 | ||
|    representation (possibly representing more than one status event
 | ||
|    encoded within the status_value) is available in the returned
 | ||
|    status_string_set.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 68]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates that translation in accordance with an
 | ||
|    unsupported mech_type was requested, so translation could not be
 | ||
|    performed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_STATUS indicates that the input status_value was
 | ||
|    invalid, or that the input status_type carried a value other than 1
 | ||
|    or 2, so translation could not be performed.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Provides a means for callers to translate GSS-API-returned major and
 | ||
|    minor status codes into printable string representations.  Note: some
 | ||
|    language bindings may employ an iterative approach in order to emit
 | ||
|    successive status components; this approach is acceptable but not
 | ||
|    required for conformance with the current specification.
 | ||
| 
 | ||
|    Although not contemplated in [RFC-2078], it has been observed that
 | ||
|    some existing GSS-API implementations return GSS_S_CONTINUE_NEEDED
 | ||
|    status when iterating through successive messages returned from
 | ||
|    GSS_Display_status(). This behavior is deprecated;
 | ||
|    GSS_S_CONTINUE_NEEDED should be returned only by
 | ||
|    GSS_Init_sec_context() and GSS_Accept_sec_context().  For maximal
 | ||
|    portability, however, it is recommended that defensive callers be
 | ||
|    able to accept and ignore GSS_S_CONTINUE_NEEDED status if indicated
 | ||
|    by GSS_Display_status() or any other call other than
 | ||
|    GSS_Init_sec_context() or GSS_Accept_sec_context().
 | ||
| 
 | ||
| 2.4.2:  GSS_Indicate_mechs call
 | ||
| 
 | ||
|    Input:
 | ||
| 
 | ||
|    o  (none)
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  mech_set SET OF OBJECT IDENTIFIER  -- caller must release
 | ||
|    -- with GSS_Release_oid_set()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that a set of available mechanisms has
 | ||
|    been returned in mech_set.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 69]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to determine the set of mechanism types available on
 | ||
|    the local system. This call is intended for support of specialized
 | ||
|    callers who need to request non-default mech_type sets from GSS-API
 | ||
|    calls which accept input mechanism type specifiers.
 | ||
| 
 | ||
| 2.4.3:  GSS_Compare_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  name1 INTERNAL NAME,
 | ||
| 
 | ||
|    o  name2 INTERNAL NAME
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  name_equal BOOLEAN
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that name1 and name2 were comparable, and
 | ||
|    that the name_equal result indicates whether name1 and name2
 | ||
|    represent the same entity.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the two input names' types are
 | ||
|    different and incomparable, so that the comparison operation could
 | ||
|    not be completed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that one or both of the input names was
 | ||
|    ill-formed in terms of its internal type specifier, so the comparison
 | ||
|    operation could not be completed.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the call's operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to compare two internal name representations to
 | ||
|    determine whether they refer to the same entity.  If either name
 | ||
|    presented to GSS_Compare_name() denotes an anonymous principal,
 | ||
|    GSS_Compare_name() shall indicate FALSE.  It is not required that
 | ||
|    either or both inputs name1 and name2 be MNs; for some
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 70]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    implementations and cases, GSS_S_BAD_NAMETYPE may be returned,
 | ||
|    indicating name incomparability, for the case where neither input
 | ||
|    name is an MN.
 | ||
| 
 | ||
| 2.4.4:  GSS_Display_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  name INTERNAL NAME
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  name_string OCTET STRING, -- caller must release
 | ||
|    -- with GSS_Release_buffer()
 | ||
| 
 | ||
|    o  name_type OBJECT IDENTIFIER  -- caller should treat
 | ||
|    -- as read-only; does not need to be released
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that a valid printable name
 | ||
|    representation is available in the returned name_string.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the contents of the provided name
 | ||
|    were inconsistent with the internally-indicated name type, so no
 | ||
|    printable representation could be generated.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to translate an internal name representation into a
 | ||
|    printable form with associated namespace type descriptor. The syntax
 | ||
|    of the printable form is a local matter.
 | ||
| 
 | ||
|    If the input name represents an anonymous identity, a reserved value
 | ||
|    (GSS_C_NT_ANONYMOUS) shall be returned for name_type.
 | ||
| 
 | ||
|    The GSS_C_NO_OID name type is to be returned only when the
 | ||
|    corresponding internal name was created through import with
 | ||
|    GSS_C_NO_OID. It is acceptable for mechanisms to normalize names
 | ||
|    imported with GSS_C_NO_OID into other supported types and, therefore,
 | ||
|    to display them with types other than GSS_C_NO_OID.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 71]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 2.4.5:  GSS_Import_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  input_name_string OCTET STRING,
 | ||
| 
 | ||
|    o  input_name_type OBJECT IDENTIFIER
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  output_name INTERNAL NAME  -- caller must release with
 | ||
|    -- GSS_Release_name()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that a valid name representation is
 | ||
|    output in output_name and described by the type value in
 | ||
|    output_name_type.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the input_name_type is
 | ||
|    unsupported by the applicable underlying GSS-API mechanism(s), so the
 | ||
|    import operation could not be completed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the provided input_name_string is
 | ||
|    ill-formed in terms of the input_name_type, so the import operation
 | ||
|    could not be completed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates that the input presented for import was
 | ||
|    an exported name object and that its enclosed mechanism type was not
 | ||
|    recognized or was unsupported by the GSS-API implementation.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to provide a name representation as a contiguous octet
 | ||
|    string, designate the type of namespace in conjunction with which it
 | ||
|    should be parsed, and convert that representation to an internal form
 | ||
|    suitable for input to other GSS-API routines.  The syntax of the
 | ||
|    input_name_string is defined in conjunction with its associated name
 | ||
|    type; depending on the input_name_type, the associated
 | ||
|    input_name_string may or may not be a printable string.  If the
 | ||
|    input_name_type's value is GSS_C_NO_OID, a mechanism-specific default
 | ||
|    printable syntax (which shall be specified in the corresponding GSS-
 | ||
|    V2 mechanism specification) is assumed for the input_name_string;
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 72]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    other input_name_type values as registered by GSS-API implementations
 | ||
|    can be used to indicate specific non-default name syntaxes. Note: The
 | ||
|    input_name_type argument serves to describe and qualify the
 | ||
|    interpretation of the associated input_name_string; it does not
 | ||
|    specify the data type of the returned output_name.
 | ||
| 
 | ||
|    If a mechanism claims support for a particular name type, its
 | ||
|    GSS_Import_name() operation shall be able to accept all possible
 | ||
|    values conformant to the external name syntax as defined for that
 | ||
|    name type.  These imported values may correspond to:
 | ||
| 
 | ||
|       (1) locally registered entities (for which credentials may be
 | ||
|       acquired),
 | ||
| 
 | ||
|       (2) non-local entities (for which local credentials cannot be
 | ||
|       acquired, but which may be referenced as targets of initiated
 | ||
|       security contexts or initiators of accepted security contexts), or
 | ||
|       to
 | ||
| 
 | ||
|       (3) neither of the above.
 | ||
| 
 | ||
|    Determination of whether a particular name belongs to class (1), (2),
 | ||
|    or (3) as described above is not guaranteed to be performed by the
 | ||
|    GSS_Import_name() function.
 | ||
| 
 | ||
|    The internal name generated by a GSS_Import_name() operation may be a
 | ||
|    single-mechanism MN, and is likely to be an MN within a single-
 | ||
|    mechanism implementation, but portable callers must not depend on
 | ||
|    this property (and must not, therefore, assume that the output from
 | ||
|    GSS_Import_name() can be passed directly to GSS_Export_name() without
 | ||
|    first being processed through GSS_Canonicalize_name()).
 | ||
| 
 | ||
| 2.4.6: GSS_Release_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  name INTERNAL NAME
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the storage associated with the
 | ||
|    input name was successfully released.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 73]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the input name argument did not
 | ||
|    contain a valid name.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to release the storage associated with an internal
 | ||
|    name representation.  This call's specific behavior depends on the
 | ||
|    language and programming environment within which a GSS-API
 | ||
|    implementation operates, and is therefore detailed within applicable
 | ||
|    bindings specifications; in particular, implementation and invocation
 | ||
|    of this call may be superfluous (and may be omitted) within bindings
 | ||
|    where memory management is automatic.
 | ||
| 
 | ||
| 2.4.7: GSS_Release_buffer call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  buffer OCTET STRING
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the storage associated with the
 | ||
|    input buffer was successfully released.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to release the storage associated with an OCTET STRING
 | ||
|    buffer allocated by another GSS-API call.  This call's specific
 | ||
|    behavior depends on the language and programming environment within
 | ||
|    which a GSS-API implementation operates, and is therefore detailed
 | ||
|    within applicable bindings specifications; in particular,
 | ||
|    implementation and invocation of this call may be superfluous (and
 | ||
|    may be omitted) within bindings where memory management is automatic.
 | ||
| 
 | ||
| 2.4.8: GSS_Release_OID_set call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  buffer SET OF OBJECT IDENTIFIER
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 74]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the storage associated with the
 | ||
|    input object identifier set was successfully released.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to release the storage associated with an object
 | ||
|    identifier set object allocated by another GSS-API call.  This call's
 | ||
|    specific behavior depends on the language and programming environment
 | ||
|    within which a GSS-API implementation operates, and is therefore
 | ||
|    detailed within applicable bindings specifications; in particular,
 | ||
|    implementation and invocation of this call may be superfluous (and
 | ||
|    may be omitted) within bindings where memory management is automatic.
 | ||
| 
 | ||
| 2.4.9: GSS_Create_empty_OID_set call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  (none)
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  oid_set SET OF OBJECT IDENTIFIER  -- caller must release
 | ||
|    -- with GSS_Release_oid_set()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates successful completion
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the operation failed
 | ||
| 
 | ||
|    Creates an object identifier set containing no object identifiers, to
 | ||
|    which members may be subsequently added using the
 | ||
|    GSS_Add_OID_set_member() routine.  These routines are intended to be
 | ||
|    used to construct sets of mechanism object identifiers, for input to
 | ||
|    GSS_Acquire_cred().
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 75]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 2.4.10: GSS_Add_OID_set_member call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  member_oid OBJECT IDENTIFIER,
 | ||
| 
 | ||
|    o  oid_set SET OF OBJECT IDENTIFIER
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates successful completion
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the operation failed
 | ||
| 
 | ||
|    Adds an Object Identifier to an Object Identifier set.  This routine
 | ||
|    is intended for use in conjunction with GSS_Create_empty_OID_set()
 | ||
|    when constructing a set of mechanism OIDs for input to
 | ||
|    GSS_Acquire_cred().
 | ||
| 
 | ||
| 2.4.11: GSS_Test_OID_set_member call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  member OBJECT IDENTIFIER,
 | ||
| 
 | ||
|    o  set SET OF OBJECT IDENTIFIER
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  present BOOLEAN
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates successful completion
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the operation failed
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 76]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Interrogates an Object Identifier set to determine whether a
 | ||
|    specified Object Identifier is a member.  This routine is intended to
 | ||
|    be used with OID sets returned by GSS_Indicate_mechs(),
 | ||
|    GSS_Acquire_cred(), and GSS_Inquire_cred().
 | ||
| 
 | ||
| 2.4.12:  GSS_Inquire_names_for_mech call
 | ||
| 
 | ||
|    Input:
 | ||
| 
 | ||
|    o  input_mech_type OBJECT IDENTIFIER, -- mechanism type
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  name_type_set SET OF OBJECT IDENTIFIER -- caller must release
 | ||
|    -- with GSS_Release_oid_set()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that the output name_type_set contains a
 | ||
|    list of name types which are supported by the locally available
 | ||
|    mechanism identified by input_mech_type.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates that the mechanism identified by
 | ||
|    input_mech_type was unsupported within the local implementation,
 | ||
|    causing the query to fail.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    Allows callers to determine the set of name types which are
 | ||
|    supportable by a specific locally-available mechanism.
 | ||
| 
 | ||
| 2.4.13: GSS_Inquire_mechs_for_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  input_name INTERNAL NAME,
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 77]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  mech_types SET OF OBJECT IDENTIFIER  -- caller must release
 | ||
|    -- with GSS_Release_oid_set()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that a set of object identifiers,
 | ||
|    corresponding to the set of mechanisms suitable for processing the
 | ||
|    input_name, is available in mech_types.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the input_name was ill-formed and
 | ||
|    could not be processed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the input_name parameter
 | ||
|    contained an invalid name type or a name type unsupported by the
 | ||
|    GSS-API implementation.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    This routine returns the mechanism set with which the input_name may
 | ||
|    be processed.
 | ||
| 
 | ||
|    Each mechanism returned will recognize at least one element within
 | ||
|    the name. It is permissible for this routine to be implemented within
 | ||
|    a mechanism-independent GSS-API layer, using the type information
 | ||
|    contained within the presented name, and based on registration
 | ||
|    information provided by individual mechanism implementations.  This
 | ||
|    means that the returned mech_types result may indicate that a
 | ||
|    particular mechanism will understand a particular name when in fact
 | ||
|    it would refuse to accept that name as input to
 | ||
|    GSS_Canonicalize_name(), GSS_Init_sec_context(), GSS_Acquire_cred(),
 | ||
|    or GSS_Add_cred(), due to some property of the particular name rather
 | ||
|    than a property of the name type.  Thus, this routine should be used
 | ||
|    only as a pre-filter for a call to a subsequent mechanism-specific
 | ||
|    routine.
 | ||
| 
 | ||
| 2.4.14: GSS_Canonicalize_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  input_name INTERNAL NAME,
 | ||
| 
 | ||
|    o  mech_type OBJECT IDENTIFIER  -- must be explicit mechanism,
 | ||
|    -- not "default" specifier or identifier of negotiating mechanism
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 78]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  output_name INTERNAL NAME  -- caller must release with
 | ||
|    -- GSS_Release_name()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that a mechanism-specific reduction of
 | ||
|    the input_name, as processed by the mechanism identified by
 | ||
|    mech_type, is available in output_name.
 | ||
| 
 | ||
|    o  GSS_S_BAD_MECH indicates that the identified mechanism is
 | ||
|    unsupported for this operation; this may correspond either to a
 | ||
|    mechanism wholly unsupported by the local GSS-API implementation or
 | ||
|    to a negotiating mechanism with which the canonicalization operation
 | ||
|    cannot be performed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the input name does not contain
 | ||
|    an element with suitable type for processing by the identified
 | ||
|    mechanism.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the input name contains an element
 | ||
|    with suitable type for processing by the identified mechanism, but
 | ||
|    that this element could not be processed successfully.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    This routine reduces a GSS-API internal name input_name, which may in
 | ||
|    general contain elements corresponding to multiple mechanisms, to a
 | ||
|    mechanism-specific Mechanism Name (MN) output_name by applying the
 | ||
|    translations corresponding to the mechanism identified by mech_type.
 | ||
|    The contents of input_name are unaffected by the
 | ||
|    GSS_Canonicalize_name() operation.  References to output_name will
 | ||
|    remain valid until output_name is released, independent of whether or
 | ||
|    not input_name is subsequently released.
 | ||
| 
 | ||
| 2.4.15: GSS_Export_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  input_name INTERNAL NAME, -- required to be MN
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 79]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    o  output_name OCTET STRING  -- caller must release
 | ||
|    -- with GSS_Release_buffer()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that a flat representation of the input
 | ||
|    name is available in output_name.
 | ||
| 
 | ||
|    o  GSS_S_NAME_NOT_MN indicates that the input name contained elements
 | ||
|    corresponding to multiple mechanisms, so cannot be exported into a
 | ||
|    single-mechanism flat form.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the input name was an MN, but could
 | ||
|    not be processed.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAMETYPE indicates that the input name was an MN, but
 | ||
|    that its type is unsupported by the GSS-API implementation.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    This routine creates a flat name representation, suitable for
 | ||
|    bytewise comparison or for input to GSS_Import_name() in conjunction
 | ||
|    with the reserved GSS-API Exported Name Object OID, from a internal-
 | ||
|    form Mechanism Name (MN) as emitted, e.g., by GSS_Canonicalize_name()
 | ||
|    or GSS_Accept_sec_context().
 | ||
| 
 | ||
|    The emitted GSS-API Exported Name Object is self-describing; no
 | ||
|    associated parameter-level OID need be emitted by this call.  This
 | ||
|    flat representation consists of a mechanism-independent wrapper
 | ||
|    layer, defined in Section 3.2 of this document, enclosing a
 | ||
|    mechanism-defined name representation.
 | ||
| 
 | ||
|    In all cases, the flat name output by GSS_Export_name() to correspond
 | ||
|    to a particular input MN must be invariant over time within a
 | ||
|    particular installation.
 | ||
| 
 | ||
|    The GSS_S_NAME_NOT_MN status code is provided to enable
 | ||
|    implementations to reject input names which are not MNs.  It is not,
 | ||
|    however, required for purposes of conformance to this specification
 | ||
|    that all non-MN input names must necessarily be rejected.
 | ||
| 
 | ||
| 2.4.16: GSS_Duplicate_name call
 | ||
| 
 | ||
|    Inputs:
 | ||
| 
 | ||
|    o  src_name INTERNAL NAME
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 80]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Outputs:
 | ||
| 
 | ||
|    o  major_status INTEGER,
 | ||
| 
 | ||
|    o  minor_status INTEGER,
 | ||
| 
 | ||
|    o  dest_name INTERNAL NAME  -- caller must release
 | ||
|    -- with GSS_Release_name()
 | ||
| 
 | ||
|    Return major_status codes:
 | ||
| 
 | ||
|    o  GSS_S_COMPLETE indicates that dest_name references an internal
 | ||
|    name object containing the same name as passed to src_name.
 | ||
| 
 | ||
|    o  GSS_S_BAD_NAME indicates that the input name was invalid.
 | ||
| 
 | ||
|    o  GSS_S_FAILURE indicates that the requested operation could not be
 | ||
|    performed for reasons unspecified at the GSS-API level.
 | ||
| 
 | ||
|    This routine takes input internal name src_name, and returns another
 | ||
|    reference (dest_name) to that name which can be used even if src_name
 | ||
|    is later freed.  (Note: This may be implemented by copying or through
 | ||
|    use of reference counts.)
 | ||
| 
 | ||
| 3: Data Structure Definitions for GSS-V2 Usage
 | ||
| 
 | ||
|    Subsections of this section define, for interoperability and
 | ||
|    portability purposes, certain data structures for use with GSS-V2.
 | ||
| 
 | ||
| 3.1: Mechanism-Independent Token Format
 | ||
| 
 | ||
|    This section specifies a mechanism-independent level of encapsulating
 | ||
|    representation for the initial token of a GSS-API context
 | ||
|    establishment sequence, incorporating an identifier of the mechanism
 | ||
|    type to be used on that context and enabling tokens to be interpreted
 | ||
|    unambiguously at GSS-API peers. Use of this format is required for
 | ||
|    initial context establishment tokens of Internet standards-track
 | ||
|    GSS-API mechanisms; use in non-initial tokens is optional.
 | ||
| 
 | ||
|    The encoding format for the token tag is derived from ASN.1 and DER
 | ||
|    (per illustrative ASN.1 syntax included later within this
 | ||
|    subsection), but its concrete representation is defined directly in
 | ||
|    terms of octets rather than at the ASN.1 level in order to facilitate
 | ||
|    interoperable implementation without use of general ASN.1 processing
 | ||
|    code.  The token tag consists of the following elements, in order:
 | ||
| 
 | ||
|       1. 0x60 -- Tag for [APPLICATION 0] SEQUENCE; indicates that
 | ||
|       -- constructed form, definite length encoding follows.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 81]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       2. Token length octets, specifying length of subsequent data
 | ||
|       (i.e., the summed lengths of elements 3-5 in this list, and of the
 | ||
|       mechanism-defined token object following the tag).  This element
 | ||
|       comprises a variable number of octets:
 | ||
| 
 | ||
|          2a. If the indicated value is less than 128, it shall be
 | ||
|          represented in a single octet with bit 8 (high order) set to
 | ||
|          "0" and the remaining bits representing the value.
 | ||
| 
 | ||
|          2b. If the indicated value is 128 or more, it shall be
 | ||
|          represented in two or more octets, with bit 8 of the first
 | ||
|          octet set to "1" and the remaining bits of the first octet
 | ||
|          specifying the number of additional octets.  The subsequent
 | ||
|          octets carry the value, 8 bits per octet, most significant
 | ||
|          digit first.  The minimum number of octets shall be used to
 | ||
|          encode the length (i.e., no octets representing leading zeros
 | ||
|          shall be included within the length encoding).
 | ||
| 
 | ||
|       3. 0x06 -- Tag for OBJECT IDENTIFIER
 | ||
| 
 | ||
|       4. Object identifier length -- length (number of octets) of
 | ||
|       -- the encoded object identifier contained in element 5,
 | ||
|       -- encoded per rules as described in 2a. and 2b. above.
 | ||
| 
 | ||
|       5. Object identifier octets -- variable number of octets,
 | ||
|       -- encoded per ASN.1 BER rules:
 | ||
| 
 | ||
|          5a. The first octet contains the sum of two values: (1) the
 | ||
|          top-level object identifier component, multiplied by 40
 | ||
|          (decimal), and (2) the second-level object identifier
 | ||
|          component.  This special case is the only point within an
 | ||
|          object identifier encoding where a single octet represents
 | ||
|          contents of more than one component.
 | ||
| 
 | ||
|          5b. Subsequent octets, if required, encode successively-lower
 | ||
|          components in the represented object identifier.  A component's
 | ||
|          encoding may span multiple octets, encoding 7 bits per octet
 | ||
|          (most significant bits first) and with bit 8 set to "1" on all
 | ||
|          but the final octet in the component's encoding.  The minimum
 | ||
|          number of octets shall be used to encode each component (i.e.,
 | ||
|          no octets representing leading zeros shall be included within a
 | ||
|          component's encoding).
 | ||
| 
 | ||
|       (Note: In many implementations, elements 3-5 may be stored and
 | ||
|       referenced as a contiguous string constant.)
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 82]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    The token tag is immediately followed by a mechanism-defined token
 | ||
|    object.  Note that no independent size specifier intervenes following
 | ||
|    the object identifier value to indicate the size of the mechanism-
 | ||
|    defined token object.  While ASN.1 usage within mechanism-defined
 | ||
|    tokens is permitted, there is no requirement that the mechanism-
 | ||
|    specific innerContextToken, innerMsgToken, and sealedUserData data
 | ||
|    elements must employ ASN.1 BER/DER encoding conventions.
 | ||
| 
 | ||
|    The following ASN.1 syntax is included for descriptive purposes only,
 | ||
|    to illustrate structural relationships among token and tag objects.
 | ||
|    For interoperability purposes, token and tag encoding shall be
 | ||
|    performed using the concrete encoding procedures described earlier in
 | ||
|    this subsection.
 | ||
| 
 | ||
|       GSS-API DEFINITIONS ::=
 | ||
| 
 | ||
|       BEGIN
 | ||
| 
 | ||
|       MechType ::= OBJECT IDENTIFIER
 | ||
|       -- data structure definitions
 | ||
|       -- callers must be able to distinguish among
 | ||
|       -- InitialContextToken, SubsequentContextToken,
 | ||
|       -- PerMsgToken, and SealedMessage data elements
 | ||
|       -- based on the usage in which they occur
 | ||
| 
 | ||
|       InitialContextToken ::=
 | ||
|       -- option indication (delegation, etc.) indicated within
 | ||
|       -- mechanism-specific token
 | ||
|       [APPLICATION 0] IMPLICIT SEQUENCE {
 | ||
|               thisMech MechType,
 | ||
|               innerContextToken ANY DEFINED BY thisMech
 | ||
|                  -- contents mechanism-specific
 | ||
|                  -- ASN.1 structure not required
 | ||
|               }
 | ||
| 
 | ||
|       SubsequentContextToken ::= innerContextToken ANY
 | ||
|       -- interpretation based on predecessor InitialContextToken
 | ||
|       -- ASN.1 structure not required
 | ||
| 
 | ||
|       PerMsgToken ::=
 | ||
|       -- as emitted by GSS_GetMIC and processed by GSS_VerifyMIC
 | ||
|       -- ASN.1 structure not required
 | ||
|               innerMsgToken ANY
 | ||
| 
 | ||
|       SealedMessage ::=
 | ||
|       -- as emitted by GSS_Wrap and processed by GSS_Unwrap
 | ||
|       -- includes internal, mechanism-defined indicator
 | ||
|       -- of whether or not encrypted
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 83]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       -- ASN.1 structure not required
 | ||
|               sealedUserData ANY
 | ||
| 
 | ||
|       END
 | ||
| 
 | ||
| 3.2: Mechanism-Independent Exported Name Object Format
 | ||
| 
 | ||
|    This section specifies a mechanism-independent level of encapsulating
 | ||
|    representation for names exported via the GSS_Export_name() call,
 | ||
|    including an object identifier representing the exporting mechanism.
 | ||
|    The format of names encapsulated via this representation shall be
 | ||
|    defined within individual mechanism drafts.  The Object Identifier
 | ||
|    value to indicate names of this type is defined in Section 4.7 of
 | ||
|    this document.
 | ||
| 
 | ||
|    No name type OID is included in this mechanism-independent level of
 | ||
|    format definition, since (depending on individual mechanism
 | ||
|    specifications) the enclosed name may be implicitly typed or may be
 | ||
|    explicitly typed using a means other than OID encoding.
 | ||
| 
 | ||
|    The bytes within MECH_OID_LEN and NAME_LEN elements are represented
 | ||
|    most significant byte first (equivalently, in IP network byte order).
 | ||
| 
 | ||
|         Length    Name          Description
 | ||
| 
 | ||
|         2               TOK_ID          Token Identifier
 | ||
|                                         For exported name objects, this
 | ||
|                                         must be hex 04 01.
 | ||
|         2               MECH_OID_LEN    Length of the Mechanism OID
 | ||
|         MECH_OID_LEN    MECH_OID        Mechanism OID, in DER
 | ||
|         4               NAME_LEN        Length of name
 | ||
|         NAME_LEN        NAME            Exported name; format defined in
 | ||
|                                         applicable mechanism draft.
 | ||
| 
 | ||
|    A concrete example of the contents of an exported name object,
 | ||
|    derived from the Kerberos Version 5 mechanism, is as follows:
 | ||
| 
 | ||
|    04 01 00 0B 06 09 2A 86 48 86 F7 12 01 02 02 hx xx xx xl pp qq ... zz
 | ||
| 
 | ||
|    04 01        mandatory token identifier
 | ||
| 
 | ||
|    00 0B        2-byte length of the immediately following DER-encoded
 | ||
|                 ASN.1 value of type OID, most significant octet first
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 84]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    06 09 2A 86 48 86 F7 12 01 02 02    DER-encoded ASN.1 value
 | ||
|                                        of type OID; Kerberos V5
 | ||
|                                        mechanism OID indicates
 | ||
|                                        Kerberos V5 exported name
 | ||
| 
 | ||
|           in Detail:      06                  Identifier octet (6=OID)
 | ||
|                           09                           Length octet(s)
 | ||
|                           2A 86 48 86 F7 12 01 02 02   Content octet(s)
 | ||
| 
 | ||
|    hx xx xx xl   4-byte length of the immediately following exported
 | ||
|                  name blob, most significant octet first
 | ||
| 
 | ||
|    pp qq ... zz  exported name blob of specified length,
 | ||
|                  bits and bytes specified in the
 | ||
|                  (Kerberos 5) GSS-API v2 mechanism spec
 | ||
| 
 | ||
| 4: Name Type Definitions
 | ||
| 
 | ||
|    This section includes definitions for name types and associated
 | ||
|    syntaxes which are defined in a mechanism-independent fashion at the
 | ||
|    GSS-API level rather than being defined in individual mechanism
 | ||
|    specifications.
 | ||
| 
 | ||
| 4.1: Host-Based Service Name Form
 | ||
| 
 | ||
|    This name form shall be represented by the Object Identifier:
 | ||
| 
 | ||
|    {iso(1) member-body(2) United States(840) mit(113554) infosys(1)
 | ||
|    "gssapi(2) generic(1) service_name(4)}.
 | ||
| 
 | ||
|    The recommended symbolic name for this type is
 | ||
|    "GSS_C_NT_HOSTBASED_SERVICE".
 | ||
| 
 | ||
|    For reasons of compatibility with existing implementations, it is
 | ||
|    recommended that this OID be used rather than the alternate value as
 | ||
|    included in [RFC-2078]:
 | ||
| 
 | ||
|    {1(iso), 3(org), 6(dod), 1(internet), 5(security), 6(nametypes),
 | ||
|    2(gss-host-based-services)}
 | ||
| 
 | ||
|    While it is not recommended that this alternate value be emitted on
 | ||
|    output by GSS implementations, it is recommended that it be accepted
 | ||
|    on input as equivalent to the recommended value.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 85]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    This name type is used to represent services associated with host
 | ||
|    computers.  Support for this name form is recommended to mechanism
 | ||
|    designers in the interests of portability, but is not mandated by
 | ||
|    this specification. This name form is constructed using two elements,
 | ||
|    "service" and "hostname", as follows:
 | ||
| 
 | ||
|    service@hostname
 | ||
| 
 | ||
|    When a reference to a name of this type is resolved, the "hostname"
 | ||
|    may (as an example implementation strategy) be canonicalized by
 | ||
|    attempting a DNS lookup and using the fully-qualified domain name
 | ||
|    which is returned, or by using the "hostname" as provided if the DNS
 | ||
|    lookup fails.  The canonicalization operation also maps the host's
 | ||
|    name into lower-case characters.
 | ||
| 
 | ||
|    The "hostname" element may be omitted. If no "@" separator is
 | ||
|    included, the entire name is interpreted as the service specifier,
 | ||
|    with the "hostname" defaulted to the canonicalized name of the local
 | ||
|    host.
 | ||
| 
 | ||
|    Documents specifying means for GSS integration into a particular
 | ||
|    protocol should state either:
 | ||
| 
 | ||
|       (a) that a specific IANA-registered name associated with that
 | ||
|       protocol shall be used for the "service" element (this admits, if
 | ||
|       needed, the possibility that a single name can be registered and
 | ||
|       shared among a related set of protocols), or
 | ||
| 
 | ||
|       (b) that the generic name "host" shall be used for the "service"
 | ||
|       element, or
 | ||
| 
 | ||
|       (c) that, for that protocol, fallback in specified order (a, then
 | ||
|       b) or (b, then a) shall be applied.
 | ||
| 
 | ||
|    IANA registration of specific names per (a) should be handled in
 | ||
|    accordance with the "Specification Required" assignment policy,
 | ||
|    defined by BCP 26, RFC 2434 as follows: "Values and their meaning
 | ||
|    must be documented in an RFC or other available reference, in
 | ||
|    sufficient detail so that interoperability between independent
 | ||
|    implementations is possible."
 | ||
| 
 | ||
| 4.2: User Name Form
 | ||
| 
 | ||
|    This name form shall be represented by the Object Identifier {iso(1)
 | ||
|    member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 | ||
|    generic(1) user_name(1)}. The recommended mechanism-independent
 | ||
|    symbolic name for this type is "GSS_C_NT_USER_NAME". (Note: the same
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 86]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    name form and OID is defined within the Kerberos V5 GSS-API
 | ||
|    mechanism, but the symbolic name recommended there begins with a
 | ||
|    "GSS_KRB5_NT_" prefix.)
 | ||
| 
 | ||
|    This name type is used to indicate a named user on a local system.
 | ||
|    Its syntax and interpretation may be OS-specific. This name form is
 | ||
|    constructed as:
 | ||
| 
 | ||
|    username
 | ||
| 
 | ||
| 4.3: Machine UID Form
 | ||
| 
 | ||
|    This name form shall be represented by the Object Identifier {iso(1)
 | ||
|    member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 | ||
|    generic(1) machine_uid_name(2)}.  The recommended mechanism-
 | ||
|    independent symbolic name for this type is
 | ||
|    "GSS_C_NT_MACHINE_UID_NAME".  (Note: the same name form and OID is
 | ||
|    defined within the Kerberos V5 GSS-API mechanism, but the symbolic
 | ||
|    name recommended there begins with a "GSS_KRB5_NT_" prefix.)
 | ||
| 
 | ||
|    This name type is used to indicate a numeric user identifier
 | ||
|    corresponding to a user on a local system.  Its interpretation is
 | ||
|    OS-specific.  The gss_buffer_desc representing a name of this type
 | ||
|    should contain a locally-significant user ID, represented in host
 | ||
|    byte order.  The GSS_Import_name() operation resolves this uid into a
 | ||
|    username, which is then treated as the User Name Form.
 | ||
| 
 | ||
| 4.4: String UID Form
 | ||
| 
 | ||
|    This name form shall be represented by the Object Identifier {iso(1)
 | ||
|    member-body(2) United States(840) mit(113554) infosys(1) gssapi(2)
 | ||
|    generic(1) string_uid_name(3)}.  The recommended symbolic name for
 | ||
|    this type is "GSS_C_NT_STRING_UID_NAME".  (Note: the same name form
 | ||
|    and OID is defined within the Kerberos V5 GSS-API mechanism, but the
 | ||
|    symbolic name recommended there begins with a "GSS_KRB5_NT_" prefix.)
 | ||
| 
 | ||
|    This name type is used to indicate a string of digits representing
 | ||
|    the numeric user identifier of a user on a local system.  Its
 | ||
|    interpretation is OS-specific. This name type is similar to the
 | ||
|    Machine UID Form, except that the buffer contains a string
 | ||
|    representing the user ID.
 | ||
| 
 | ||
| 4.5: Anonymous Nametype
 | ||
| 
 | ||
|    The following Object Identifier value is provided as a means to
 | ||
|    identify anonymous names, and can be compared against in order to
 | ||
|    determine, in a mechanism-independent fashion, whether a name refers
 | ||
|    to an anonymous principal:
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 87]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    {1(iso), 3(org), 6(dod), 1(internet), 5(security), 6(nametypes),
 | ||
|    3(gss-anonymous-name)}
 | ||
| 
 | ||
|    The recommended symbolic name corresponding to this definition is
 | ||
|    GSS_C_NT_ANONYMOUS.
 | ||
| 
 | ||
| 4.6: GSS_C_NO_OID
 | ||
| 
 | ||
|    The recommended symbolic name GSS_C_NO_OID corresponds to a null
 | ||
|    input value instead of an actual object identifier.  Where specified,
 | ||
|    it indicates interpretation of an associated name based on a
 | ||
|    mechanism-specific default printable syntax.
 | ||
| 
 | ||
| 4.7: Exported Name Object
 | ||
| 
 | ||
|    Name objects of the Mechanism-Independent Exported Name Object type,
 | ||
|    as defined in Section 3.2 of this document, will be identified with
 | ||
|    the following Object Identifier:
 | ||
| 
 | ||
|    {1(iso), 3(org), 6(dod), 1(internet), 5(security), 6(nametypes),
 | ||
|    4(gss-api-exported-name)}
 | ||
| 
 | ||
|    The recommended symbolic name corresponding to this definition is
 | ||
|    GSS_C_NT_EXPORT_NAME.
 | ||
| 
 | ||
| 4.8: GSS_C_NO_NAME
 | ||
| 
 | ||
|    The recommended symbolic name GSS_C_NO_NAME indicates that no name is
 | ||
|    being passed within a particular value of a parameter used for the
 | ||
|    purpose of transferring names. Note: GSS_C_NO_NAME is not an actual
 | ||
|    name type, and is not represented by an OID; its acceptability in
 | ||
|    lieu of an actual name is confined to specific calls
 | ||
|    (GSS_Acquire_cred(), GSS_Add_cred(), and GSS_Init_sec_context()) with
 | ||
|    usages as identified within this specification.
 | ||
| 
 | ||
| 5:  Mechanism-Specific Example Scenarios
 | ||
| 
 | ||
|    This section provides illustrative overviews of the use of various
 | ||
|    candidate mechanism types to support the GSS-API. These discussions
 | ||
|    are intended primarily for readers familiar with specific security
 | ||
|    technologies, demonstrating how GSS-API functions can be used and
 | ||
|    implemented by candidate underlying mechanisms. They should not be
 | ||
|    regarded as constrictive to implementations or as defining the only
 | ||
|    means through which GSS-API functions can be realized with a
 | ||
|    particular underlying technology, and do not demonstrate all GSS-API
 | ||
|    features with each technology.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 88]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 5.1: Kerberos V5, single-TGT
 | ||
| 
 | ||
|    OS-specific login functions yield a TGT to the local realm Kerberos
 | ||
|    server; TGT is placed in a credentials structure for the client.
 | ||
|    Client calls GSS_Acquire_cred()  to acquire a cred_handle in order to
 | ||
|    reference the credentials for use in establishing security contexts.
 | ||
| 
 | ||
|    Client calls GSS_Init_sec_context().  If the requested service is
 | ||
|    located in a different realm, GSS_Init_sec_context()  gets the
 | ||
|    necessary TGT/key pairs needed to traverse the path from local to
 | ||
|    target realm; these data are placed in the owner's TGT cache. After
 | ||
|    any needed remote realm resolution, GSS_Init_sec_context() yields a
 | ||
|    service ticket to the requested service with a corresponding session
 | ||
|    key; these data are stored in conjunction with the context. GSS-API
 | ||
|    code sends KRB_TGS_REQ request(s) and receives KRB_TGS_REP
 | ||
|    response(s) (in the successful case) or KRB_ERROR.
 | ||
| 
 | ||
|    Assuming success, GSS_Init_sec_context()  builds a Kerberos-formatted
 | ||
|    KRB_AP_REQ message, and returns it in output_token.  The client sends
 | ||
|    the output_token to the service.
 | ||
| 
 | ||
|    The service passes the received token as the input_token argument to
 | ||
|    GSS_Accept_sec_context(),  which verifies the authenticator, provides
 | ||
|    the service with the client's authenticated name, and returns an
 | ||
|    output_context_handle.
 | ||
| 
 | ||
|    Both parties now hold the session key associated with the service
 | ||
|    ticket, and can use this key in subsequent GSS_GetMIC(),
 | ||
|    GSS_VerifyMIC(),  GSS_Wrap(), and GSS_Unwrap() operations.
 | ||
| 
 | ||
| 5.2: Kerberos V5, double-TGT
 | ||
| 
 | ||
|    TGT acquisition as above.
 | ||
| 
 | ||
|    Note: To avoid unnecessary frequent invocations of error paths when
 | ||
|    implementing the GSS-API atop Kerberos V5, it seems appropriate to
 | ||
|    represent "single-TGT K-V5" and "double-TGT K-V5" with separate
 | ||
|    mech_types, and this discussion makes that assumption.
 | ||
| 
 | ||
|    Based on the (specified or defaulted) mech_type,
 | ||
|    GSS_Init_sec_context()  determines that the double-TGT protocol
 | ||
|    should be employed for the specified target. GSS_Init_sec_context()
 | ||
|    returns GSS_S_CONTINUE_NEEDED major_status, and its returned
 | ||
|    output_token contains a request to the service for the service's TGT.
 | ||
|    (If a service TGT with suitably long remaining lifetime already
 | ||
|    exists in a cache, it may be usable, obviating the need for this
 | ||
|    step.) The client passes the output_token to the service.  Note: this
 | ||
|    scenario illustrates a different use for the GSS_S_CONTINUE_NEEDED
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 89]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    status return facility than for support of mutual authentication;
 | ||
|    note that both uses can coexist as successive operations within a
 | ||
|    single context establishment operation.
 | ||
| 
 | ||
|    The service passes the received token as the input_token argument to
 | ||
|    GSS_Accept_sec_context(),  which recognizes it as a request for TGT.
 | ||
|    (Note that current Kerberos V5 defines no intra-protocol mechanism to
 | ||
|    represent such a request.) GSS_Accept_sec_context() returns
 | ||
|    GSS_S_CONTINUE_NEEDED major_status and provides the service's TGT in
 | ||
|    its output_token. The service sends the output_token to the client.
 | ||
| 
 | ||
|    The client passes the received token as the input_token argument to a
 | ||
|    continuation of GSS_Init_sec_context(). GSS_Init_sec_context() caches
 | ||
|    the received service TGT and uses it as part of a service ticket
 | ||
|    request to the Kerberos authentication server, storing the returned
 | ||
|    service ticket and session key in conjunction with the context.
 | ||
|    GSS_Init_sec_context() builds a Kerberos-formatted authenticator, and
 | ||
|    returns it in output_token along with GSS_S_COMPLETE return
 | ||
|    major_status. The client sends the output_token to the service.
 | ||
| 
 | ||
|    Service passes the received token as the input_token argument to a
 | ||
|    continuation call to GSS_Accept_sec_context().
 | ||
|    GSS_Accept_sec_context()  verifies the authenticator, provides the
 | ||
|    service with the client's authenticated name, and returns
 | ||
|    major_status GSS_S_COMPLETE.
 | ||
| 
 | ||
|    GSS_GetMIC(),  GSS_VerifyMIC(), GSS_Wrap(), and GSS_Unwrap()  as
 | ||
|    above.
 | ||
| 
 | ||
| 5.3:  X.509 Authentication Framework
 | ||
| 
 | ||
|    This example illustrates use of the GSS-API in conjunction with
 | ||
|    public-key mechanisms, consistent with the X.509 Directory
 | ||
|    Authentication Framework.
 | ||
| 
 | ||
|    The GSS_Acquire_cred() call establishes a credentials structure,
 | ||
|    making the client's private key accessible for use on behalf of the
 | ||
|    client.
 | ||
| 
 | ||
|    The client calls GSS_Init_sec_context(), which interrogates the
 | ||
|    Directory to acquire (and validate) a chain of public-key
 | ||
|    certificates, thereby collecting the public key of the service.  The
 | ||
|    certificate validation operation determines that suitable integrity
 | ||
|    checks were applied by trusted authorities and that those
 | ||
|    certificates have not expired. GSS_Init_sec_context() generates a
 | ||
|    secret key for use in per-message protection operations on the
 | ||
|    context, and enciphers that secret key under the service's public
 | ||
|    key.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 90]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    The enciphered secret key, along with an authenticator quantity
 | ||
|    signed with the client's private key, is included in the output_token
 | ||
|    from GSS_Init_sec_context().  The output_token also carries a
 | ||
|    certification path, consisting of a certificate chain leading from
 | ||
|    the service to the client; a variant approach would defer this path
 | ||
|    resolution to be performed by the service instead of being asserted
 | ||
|    by the client. The client application sends the output_token to the
 | ||
|    service.
 | ||
| 
 | ||
|    The service passes the received token as the input_token argument to
 | ||
|    GSS_Accept_sec_context(). GSS_Accept_sec_context() validates the
 | ||
|    certification path, and as a result determines a certified binding
 | ||
|    between the client's distinguished name and the client's public key.
 | ||
|    Given that public key, GSS_Accept_sec_context() can process the
 | ||
|    input_token's authenticator quantity and verify that the client's
 | ||
|    private key was used to sign the input_token. At this point, the
 | ||
|    client is authenticated to the service. The service uses its private
 | ||
|    key to decipher the enciphered secret key provided to it for per-
 | ||
|    message protection operations on the context.
 | ||
| 
 | ||
|    The client calls GSS_GetMIC() or GSS_Wrap() on a data message, which
 | ||
|    causes per-message authentication, integrity, and (optional)
 | ||
|    confidentiality facilities to be applied to that message. The service
 | ||
|    uses the context's shared secret key to perform corresponding
 | ||
|    GSS_VerifyMIC()  and GSS_Unwrap() calls.
 | ||
| 
 | ||
| 6:  Security Considerations
 | ||
| 
 | ||
|    This document specifies a service interface for security facilities
 | ||
|    and services; as such, security considerations are considered
 | ||
|    throughout the specification.  Nonetheless, it is appropriate to
 | ||
|    summarize certain specific points relevant to GSS-API implementors
 | ||
|    and calling applications.  Usage of the GSS-API interface does not in
 | ||
|    itself provide security services or assurance; instead, these
 | ||
|    attributes are dependent on the underlying mechanism(s) which support
 | ||
|    a GSS-API implementation.  Callers must be attentive to the requests
 | ||
|    made to GSS-API calls and to the status indicators returned by GSS-
 | ||
|    API, as these specify the security service characteristics which
 | ||
|    GSS-API will provide.  When the interprocess context transfer
 | ||
|    facility is used, appropriate local controls should be applied to
 | ||
|    constrain access to interprocess tokens and to the sensitive data
 | ||
|    which they contain.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 91]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 7:  Related Activities
 | ||
| 
 | ||
|    In order to implement the GSS-API atop existing, emerging, and future
 | ||
|    security mechanisms:
 | ||
| 
 | ||
|       object identifiers must be assigned to candidate GSS-API
 | ||
|       mechanisms and the name types which they support
 | ||
| 
 | ||
|       concrete data element formats and processing procedures must be
 | ||
|       defined for candidate mechanisms
 | ||
| 
 | ||
|    Calling applications must implement formatting conventions which will
 | ||
|    enable them to distinguish GSS-API tokens from other data carried in
 | ||
|    their application protocols.
 | ||
| 
 | ||
|    Concrete language bindings are required for the programming
 | ||
|    environments in which the GSS-API is to be employed, as [RFC-1509]
 | ||
|    defines for the C programming language and GSS-V1.  C Language
 | ||
|    bindings for GSS-V2 are defined in [RFC-2744].
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 92]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| 8:  Referenced Documents
 | ||
| 
 | ||
|    [ISO-7498-2]  International Standard ISO 7498-2-1988(E), Security
 | ||
|                  Architecture.
 | ||
| 
 | ||
|    [ISOIEC-8824] ISO/IEC 8824, "Specification of Abstract Syntax
 | ||
|                  Notation One (ASN.1)".
 | ||
| 
 | ||
|    [ISOIEC-8825] ISO/IEC 8825, "Specification of Basic Encoding Rules
 | ||
|                  for Abstract Syntax Notation One (ASN.1)".)
 | ||
| 
 | ||
|    [RFC-1507]:   Kaufman, C., "DASS: Distributed Authentication Security
 | ||
|                  Service", RFC 1507, September 1993.
 | ||
| 
 | ||
|    [RFC-1508]:   Linn, J., "Generic Security Service Application Program
 | ||
|                  Interface", RFC 1508, September 1993.
 | ||
| 
 | ||
|    [RFC-1509]:   Wray, J., "Generic Security Service API: C-bindings",
 | ||
|                  RFC 1509, September 1993.
 | ||
| 
 | ||
|    [RFC-1964]:   Linn, J., "The Kerberos Version 5 GSS-API Mechanism",
 | ||
|                  RFC 1964, June 1996.
 | ||
| 
 | ||
|    [RFC-2025]:   Adams, C., "The Simple Public-Key GSS-API Mechanism
 | ||
|                  (SPKM)", RFC 2025, October 1996.
 | ||
| 
 | ||
|    [RFC-2078]:   Linn, J., "Generic Security Service Application Program
 | ||
|                  Interface, Version 2", RFC 2078, January 1997.
 | ||
| 
 | ||
|    [RFC-2203]:   Eisler, M., Chiu, A. and L. Ling, "RPCSEC_GSS Protocol
 | ||
|                  Specification", RFC 2203, September 1997.
 | ||
| 
 | ||
|    [RFC-2744]:   Wray, J., "Generic Security Service API Version 2 :
 | ||
|                  C-bindings", RFC 2744, January 2000.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 93]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| APPENDIX A
 | ||
| 
 | ||
| MECHANISM DESIGN CONSTRAINTS
 | ||
| 
 | ||
|    The following constraints on GSS-API mechanism designs are adopted in
 | ||
|    response to observed caller protocol requirements, and adherence
 | ||
|    thereto is anticipated in subsequent descriptions of GSS-API
 | ||
|    mechanisms to be documented in standards-track Internet
 | ||
|    specifications.
 | ||
| 
 | ||
|    It is strongly recommended that mechanisms offering per-message
 | ||
|    protection services also offer at least one of the replay detection
 | ||
|    and sequencing services, as mechanisms offering neither of the latter
 | ||
|    will fail to satisfy recognized requirements of certain candidate
 | ||
|    caller protocols.
 | ||
| 
 | ||
| APPENDIX B
 | ||
| 
 | ||
| COMPATIBILITY WITH GSS-V1
 | ||
| 
 | ||
|    It is the intent of this document to define an interface and
 | ||
|    procedures which preserve compatibility between GSS-V1 [RFC-1508]
 | ||
|    callers and GSS-V2 providers.  All calls defined in GSS-V1 are
 | ||
|    preserved, and it has been a goal that GSS-V1 callers should be able
 | ||
|    to operate atop GSS-V2 provider implementations.  Certain detailed
 | ||
|    changes, summarized in this section, have been made in order to
 | ||
|    resolve omissions identified in GSS-V1.
 | ||
| 
 | ||
|    The following GSS-V1 constructs, while supported within GSS-V2, are
 | ||
|    deprecated:
 | ||
| 
 | ||
|       Names for per-message processing routines: GSS_Seal() deprecated
 | ||
|       in favor of GSS_Wrap(); GSS_Sign() deprecated in favor of
 | ||
|       GSS_GetMIC(); GSS_Unseal() deprecated in favor of GSS_Unwrap();
 | ||
|       GSS_Verify() deprecated in favor of GSS_VerifyMIC().
 | ||
| 
 | ||
|       GSS_Delete_sec_context() facility for context_token usage,
 | ||
|       allowing mechanisms to signal context deletion, is retained for
 | ||
|       compatibility with GSS-V1.  For current usage, it is recommended
 | ||
|       that both peers to a context invoke GSS_Delete_sec_context()
 | ||
|       independently, passing a null output_context_token buffer to
 | ||
|       indicate that no context_token is required.  Implementations of
 | ||
|       GSS_Delete_sec_context() should delete relevant locally-stored
 | ||
|       context information.
 | ||
| 
 | ||
|    This GSS-V2 specification adds the following calls which are not
 | ||
|    present in GSS-V1:
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 94]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       Credential management calls: GSS_Add_cred(),
 | ||
|       GSS_Inquire_cred_by_mech().
 | ||
| 
 | ||
|       Context-level calls: GSS_Inquire_context(), GSS_Wrap_size_limit(),
 | ||
|       GSS_Export_sec_context(), GSS_Import_sec_context().
 | ||
| 
 | ||
|       Per-message calls: No new calls.  Existing calls have been
 | ||
|       renamed.
 | ||
| 
 | ||
|       Support calls: GSS_Create_empty_OID_set(),
 | ||
|       GSS_Add_OID_set_member(), GSS_Test_OID_set_member(),
 | ||
|       GSS_Inquire_names_for_mech(), GSS_Inquire_mechs_for_name(),
 | ||
|       GSS_Canonicalize_name(), GSS_Export_name(), GSS_Duplicate_name().
 | ||
| 
 | ||
|    This GSS-V2 specification introduces three new facilities applicable
 | ||
|    to security contexts, indicated using the following context state
 | ||
|    values which are not present in GSS-V1:
 | ||
| 
 | ||
|       anon_state, set TRUE to indicate that a context's initiator is
 | ||
|       anonymous from the viewpoint of the target; Section 1.2.5 of this
 | ||
|       specification provides a summary description of the GSS-V2
 | ||
|       anonymity support facility, support and use of which is optional.
 | ||
| 
 | ||
|       prot_ready_state, set TRUE to indicate that a context may be used
 | ||
|       for per-message protection before final completion of context
 | ||
|       establishment; Section 1.2.7 of this specification provides a
 | ||
|       summary description of the GSS-V2 facility enabling mechanisms to
 | ||
|       selectively permit per-message protection during context
 | ||
|       establishment, support and use of which is optional.
 | ||
| 
 | ||
|       trans_state, set TRUE to indicate that a context is transferable
 | ||
|       to another process using the GSS-V2 GSS_Export_sec_context()
 | ||
|       facility.
 | ||
| 
 | ||
|    These state values are represented (at the C bindings level) in
 | ||
|    positions within a bit vector which are unused in GSS-V1, and may be
 | ||
|    safely ignored by GSS-V1 callers.
 | ||
| 
 | ||
|    New conf_req_flag and integ_req_flag inputs are defined for
 | ||
|    GSS_Init_sec_context(), primarily to provide information to
 | ||
|    negotiating mechanisms.  This introduces a compatibility issue with
 | ||
|    GSS-V1 callers, discussed in section 2.2.1 of this specification.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 95]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    Relative to GSS-V1, GSS-V2 provides additional guidance to GSS-API
 | ||
|    implementors in the following areas: implementation robustness,
 | ||
|    credential management, behavior in multi-mechanism configurations,
 | ||
|    naming support, and inclusion of optional sequencing services.  The
 | ||
|    token tagging facility as defined in GSS-V2, Section 3.1, is now
 | ||
|    described directly in terms of octets to facilitate interoperable
 | ||
|    implementation without general ASN.1 processing code; the
 | ||
|    corresponding ASN.1 syntax, included for descriptive purposes, is
 | ||
|    unchanged from that in GSS-V1. For use in conjunction with added
 | ||
|    naming support facilities, a new Exported Name Object construct is
 | ||
|    added.  Additional name types are introduced in Section 4.
 | ||
| 
 | ||
|    This GSS-V2 specification adds the following major_status values
 | ||
|    which are not defined in GSS-V1:
 | ||
| 
 | ||
|         GSS_S_BAD_QOP                 unsupported QOP value
 | ||
|         GSS_S_UNAUTHORIZED            operation unauthorized
 | ||
|         GSS_S_UNAVAILABLE             operation unavailable
 | ||
|         GSS_S_DUPLICATE_ELEMENT       duplicate credential element
 | ||
|                                         requested
 | ||
|         GSS_S_NAME_NOT_MN                   name contains multi-mechanism
 | ||
|                                         elements
 | ||
|         GSS_S_GAP_TOKEN               skipped predecessor token(s)
 | ||
|                                         detected
 | ||
| 
 | ||
|    Of these added status codes, only two values are defined to be
 | ||
|    returnable by calls existing in GSS-V1: GSS_S_BAD_QOP (returnable by
 | ||
|    GSS_GetMIC() and GSS_Wrap()), and GSS_S_GAP_TOKEN (returnable by
 | ||
|    GSS_VerifyMIC() and GSS_Unwrap()).
 | ||
| 
 | ||
|    Additionally, GSS-V2 descriptions of certain calls present in GSS-V1
 | ||
|    have been updated to allow return of additional major_status values
 | ||
|    from the set as defined in GSS-V1: GSS_Inquire_cred() has
 | ||
|    GSS_S_DEFECTIVE_CREDENTIAL and GSS_S_CREDENTIALS_EXPIRED defined as
 | ||
|    returnable, GSS_Init_sec_context() has GSS_S_OLD_TOKEN,
 | ||
|    GSS_S_DUPLICATE_TOKEN, and GSS_S_BAD_MECH defined as returnable, and
 | ||
|    GSS_Accept_sec_context() has GSS_S_BAD_MECH defined as returnable.
 | ||
| 
 | ||
| APPENDIX C
 | ||
| 
 | ||
| CHANGES RELATIVE TO RFC-2078
 | ||
| 
 | ||
|    This document incorporates a number of changes relative to RFC-2078,
 | ||
|    made primarily in response to implementation experience, for purposes
 | ||
|    of alignment with the GSS-V2 C language bindings document, and to add
 | ||
|    informative clarification.  This section summarizes technical changes
 | ||
|    incorporated.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 96]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|    General:
 | ||
| 
 | ||
|       Clarified usage of object release routines, and incorporated
 | ||
|       statement that some may be omitted within certain operating
 | ||
|       environments.
 | ||
| 
 | ||
|       Removed GSS_Release_OID, GSS_OID_to_str(), and GSS_Str_to_OID()
 | ||
|       routines.
 | ||
| 
 | ||
|       Clarified circumstances under which zero-length tokens may validly
 | ||
|       exist as inputs and outputs to/from GSS-API calls.
 | ||
| 
 | ||
|       Added GSS_S_BAD_MIC status code as alias for GSS_S_BAD_SIG.
 | ||
| 
 | ||
|       For GSS_Display_status(), deferred to language bindings the choice
 | ||
|       of whether to return multiple status values in parallel or via
 | ||
|       iteration, and added commentary deprecating return of
 | ||
|       GSS_S_CONTINUE_NEEDED.
 | ||
| 
 | ||
|       Adapted and incorporated clarifying material on optional service
 | ||
|       support, delegation, and interprocess context transfer from C
 | ||
|       bindings document.
 | ||
| 
 | ||
|       Added and updated references to related documents, and to current
 | ||
|       status of cited Kerberos mechanism OID.
 | ||
| 
 | ||
|       Added general statement about GSS-API calls having no side effects
 | ||
|       visible at the GSS-API level.
 | ||
| 
 | ||
|    Context-related (including per-message protection issues):
 | ||
| 
 | ||
|       Clarified GSS_Delete_sec_context() usage for partially-established
 | ||
|       contexts.
 | ||
| 
 | ||
|       Added clarification on GSS_Export_sec_context() and
 | ||
|       GSS_Import_sec_context() behavior and context usage following an
 | ||
|       export-import sequence.
 | ||
| 
 | ||
|       Added informatory conf_req_flag, integ_req_flag inputs to
 | ||
|       GSS_Init_sec_context().  (Note: this facility introduces a
 | ||
|       backward incompatibility with GSS-V1 callers, discussed in Section
 | ||
|       2.2.1; this implication was recognized and accepted in working
 | ||
|       group discussion.)
 | ||
| 
 | ||
|       Stated that GSS_S_FAILURE is to be returned if
 | ||
|       GSS_Init_sec_context() or GSS_Accept_sec_context() is passed the
 | ||
|       handle of a context which is already fully established.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 97]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       Re GSS_Inquire_sec_context(), stated that src_name and targ_name
 | ||
|       are not returned until GSS_S_COMPLETE status is reached; removed
 | ||
|       use of GSS_S_CONTEXT_EXPIRED status code (replacing with EXPIRED
 | ||
|       lifetime return value); stated requirement to retain inquirable
 | ||
|       data until context released by caller; added result value
 | ||
|       indicating whether or not context is fully open.
 | ||
| 
 | ||
|       Added discussion of interoperability conditions for mechanisms
 | ||
|       permitting optional support of QOPs. Removed reference to
 | ||
|       structured QOP elements in GSS_Verify_MIC().
 | ||
| 
 | ||
|       Added discussion of use of GSS_S_DUPLICATE_TOKEN status to
 | ||
|       indicate reflected per-message tokens.
 | ||
| 
 | ||
|       Clarified use of informational sequencing codes from per-message
 | ||
|       protection calls in conjunction with GSS_S_COMPLETE and
 | ||
|       GSS_S_FAILURE major_status returns, adjusting status code
 | ||
|       descriptions accordingly.
 | ||
| 
 | ||
|       Added specific statements about impact of GSS_GetMIC() and
 | ||
|       GSS_Wrap() failures on context state information, and generalized
 | ||
|       existing statements about impact of processing failures on
 | ||
|       received per-message tokens.
 | ||
| 
 | ||
|       For GSS_Init_sec_context() and GSS_Accept_sec_context(), permitted
 | ||
|       returned mech_type to be valid before GSS_S_COMPLETE, recognizing
 | ||
|       that the value may change on successive continuation calls in the
 | ||
|       negotiated mechanism case.
 | ||
| 
 | ||
|       Deleted GSS_S_CONTEXT_EXPIRED status from
 | ||
|       GSS_Import_sec_context().
 | ||
| 
 | ||
|       Added conf_req_flag input to GSS_Wrap_size_limit().
 | ||
| 
 | ||
|       Stated requirement for mechanisms' support of per-message
 | ||
|       protection services to be usable concurrently in both directions
 | ||
|       on a context.
 | ||
| 
 | ||
|    Credential-related:
 | ||
| 
 | ||
|       For GSS_Acquire_cred() and GSS_Add_cred(), aligned with C bindings
 | ||
|       statement of likely non-support for INITIATE or BOTH credentials
 | ||
|       if input name is neither empty nor a name resulting from applying
 | ||
|       GSS_Inquire_cred() against the default credential.  Further,
 | ||
|       stated that an explicit name returned by GSS_Inquire_context()
 | ||
|       should also be accepted.  Added commentary about potentially
 | ||
|       time-variant results of default resolution and attendant
 | ||
|       implications.  Aligned with C bindings re behavior when
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 98]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       GSS_C_NO_NAME provided for desired_name. In GSS_Acquire_cred(),
 | ||
|       stated that NULL, rather than empty OID set, should be used for
 | ||
|       desired_mechs in order to request default mechanism set.
 | ||
| 
 | ||
|       Added GSS_S_CREDENTIALS_EXPIRED as returnable major_status for
 | ||
|       GSS_Acquire_cred(), GSS_Add_cred(), also specifying GSS_S_NO_CRED
 | ||
|       as appropriate return for temporary, user-fixable credential
 | ||
|       unavailability.  GSS_Acquire_cred() and GSS_Add_cred() are also to
 | ||
|       return GSS_S_NO_CRED if an authorization failure is encountered
 | ||
|       upon credential acquisition.
 | ||
| 
 | ||
|       Removed GSS_S_CREDENTIALS_EXPIRED status return from per-message
 | ||
|       protection, GSS_Context_time(), and GSS_Inquire_context() calls.
 | ||
| 
 | ||
|       For GSS_Add_cred(), aligned with C bindings' description of
 | ||
|       behavior when addition of elements to the default credential is
 | ||
|       requested.
 | ||
| 
 | ||
|       Upgraded recommended default credential resolution algorithm to
 | ||
|       status of requirement for initiator credentials.
 | ||
| 
 | ||
|       For GSS_Release_cred(), GSS_Inquire_cred(), and
 | ||
|       GSS_Inquire_cred_by_mech(), clarified behavior for input
 | ||
|       GSS_C_NO_CREDENTIAL.
 | ||
| 
 | ||
|    Name-related:
 | ||
| 
 | ||
|       Aligned GSS_Inquire_mechs_for_name() description with C bindings.
 | ||
| 
 | ||
|       Removed GSS_S_BAD_NAMETYPE status return from
 | ||
|       GSS_Duplicate_name(), GSS_Display_name(); constrained its
 | ||
|       applicability for GSS_Compare_name().
 | ||
| 
 | ||
|       Aligned with C bindings statement re GSS_Import_name() behavior
 | ||
|       with GSS_C_NO_OID input name type, and stated that GSS-V2
 | ||
|       mechanism specifications are to define processing procedures
 | ||
|       applicable to their mechanisms.  Also clarified GSS_C_NO_OID usage
 | ||
|       with GSS_Display_name().
 | ||
| 
 | ||
|       Downgraded reference to name canonicalization via DNS lookup to an
 | ||
|       example.
 | ||
| 
 | ||
|       For GSS_Canonicalize_name(), stated that neither negotiated
 | ||
|       mechanisms nor the default mechanism are supported input
 | ||
|       mech_types for this operation, and specified GSS_S_BAD_MECH status
 | ||
|       to be returned in this case.  Clarified that the
 | ||
|       GSS_Canonicalize_name() operation is non-destructive to its input
 | ||
|       name.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                    [Page 99]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
|       Clarified semantics of GSS_C_NT_USER_NAME name type.
 | ||
| 
 | ||
|       Added descriptions of additional name types.  Also added
 | ||
|       discussion of GSS_C_NO_NAME and its constrained usage with
 | ||
|       specific GSS calls.
 | ||
| 
 | ||
|       Adapted and incorporated C bindings discussion about name
 | ||
|       comparisons with exported name objects.
 | ||
| 
 | ||
|       Added recommendation to mechanism designers for support of host-
 | ||
|       based service name type, deferring any requirement statement to
 | ||
|       individual mechanism specifications.  Added discussion of host-
 | ||
|       based service's service name element and proposed approach for
 | ||
|       IANA registration policy therefor.
 | ||
| 
 | ||
|       Clarified byte ordering within exported name object.  Stated that
 | ||
|       GSS_S_BAD_MECH is to be returned if, in the course of attempted
 | ||
|       import of an exported name object, the name object's enclosed
 | ||
|       mechanism type is unrecognized or unsupported.
 | ||
| 
 | ||
|       Stated that mechanisms may optionally accept GSS_C_NO_NAME as an
 | ||
|       input target name to GSS_Init_sec_context(), with comment that
 | ||
|       such support is unlikely within mechanisms predating GSS-V2,
 | ||
|       Update 1.
 | ||
| 
 | ||
| AUTHOR'S ADDRESS
 | ||
| 
 | ||
|    John Linn
 | ||
|    RSA Laboratories
 | ||
|    20 Crosby Drive
 | ||
|    Bedford, MA  01730 USA
 | ||
| 
 | ||
|    Phone: +1 781.687.7817
 | ||
|    EMail: jlinn@rsasecurity.com
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                   [Page 100]
 | ||
| 
 | ||
| RFC 2743                        GSS-API                     January 2000
 | ||
| 
 | ||
| 
 | ||
| Full Copyright Statement
 | ||
| 
 | ||
|    Copyright (C) The Internet Society (2000).  All Rights Reserved.
 | ||
| 
 | ||
|    This document and translations of it may be copied and furnished to
 | ||
|    others, and derivative works that comment on or otherwise explain it
 | ||
|    or assist in its implementation may be prepared, copied, published
 | ||
|    and distributed, in whole or in part, without restriction of any
 | ||
|    kind, provided that the above copyright notice and this paragraph are
 | ||
|    included on all such copies and derivative works.  However, this
 | ||
|    document itself may not be modified in any way, such as by removing
 | ||
|    the copyright notice or references to the Internet Society or other
 | ||
|    Internet organizations, except as needed for the purpose of
 | ||
|    developing Internet standards in which case the procedures for
 | ||
|    copyrights defined in the Internet Standards process must be
 | ||
|    followed, or as required to translate it into languages other than
 | ||
|    English.
 | ||
| 
 | ||
|    The limited permissions granted above are perpetual and will not be
 | ||
|    revoked by the Internet Society or its successors or assigns.
 | ||
| 
 | ||
|    This document and the information contained herein is provided on an
 | ||
|    "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
 | ||
|    TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
 | ||
|    BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
 | ||
|    HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
 | ||
|    MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 | ||
| 
 | ||
| Acknowledgement
 | ||
| 
 | ||
|    Funding for the RFC Editor function is currently provided by the
 | ||
|    Internet Society.
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| 
 | ||
| Linn                        Standards Track                   [Page 101]
 | ||
| 
 |