OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [wss] What is a GSS wrapped Kerberos v5 AP-REQ?


The wrapped refers to a GSSAPI encapsulated Kerberos AP_REP as opposed to a Kerberos AP_REP, so the references to Kerberos and to GSSAPI cover these, if you don't think so, propose some wording as I believe it covered.

Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
Inactive hide details for Prateek Mishra <prateek.mishra@oracle.com>Prateek Mishra <prateek.mishra@oracle.com>

          Prateek Mishra <prateek.mishra@oracle.com>

          09/08/2005 10:52 AM




Pratik Datta <pratik.datta@oracle.com>


[wss] What is a GSS wrapped Kerberos v5 AP-REQ?

The phrase "2005xx-wss-kerberos-token-profile-
A GSS wrapped Kerberos v5 AP-REQ as
defined in the GSSAPI specification." is used in the kerberos profile draft.

However, no reference is provided to support this term. I was not able
to find a reference in the discussion trail either.

Is RFC 1964 meant here?


RFC 1964 describes a GSS_wrap method BUT I do not believe its use is
meant here. This method is typically used to transmit data securely
between client and server once a security context is established.

The informal sense of this phrase suggests successful completion
gss_init_sec_context() method, followed by use of the resulting security
context object. If this is what was intended, we need to either point to
a definition or provide one.

- prateek

To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in OASIS

GIF image

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]