Search RFCs
RFC 5801
Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family,July 2010
- File formats:
- Status:
- PROPOSED STANDARD
- Updated by:
- RFC 9266
- Authors:
- S. Josefsson
N. Williams - Stream:
- IETF
- Source:
- sasl (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC5801
Discuss this RFC: Send questions or comments to the mailing listkitten@ietf.org
Other actions:View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 5801
Abstract
This document describes how to use a Generic Security ServiceApplication Program Interface (GSS-API) mechanism in the SimpleAuthentication and Security Layer (SASL) framework. This is done bydefining a new SASL mechanism family, called GS2. This mechanismfamily offers a number of improvements over the previous "SASL/GSSAPI" mechanism: it is more general, uses fewer messages for theauthentication phase in some cases, and supports negotiable use ofchannel binding. Only GSS-API mechanisms that support channelbinding and mutual authentication are supported. [STANDARDS-TRACK]
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.