RFC 5801
Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family, July 2010
- File formats:
- Status:
- PROPOSED STANDARD
- Updated by:
- RFC 9266
- Authors:
- S. Josefsson
N. Williams - Stream:
- IETF
- Source:
- sasl (sec)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC5801
Discuss this RFC: Send questions or comments to the mailing list kitten@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 5801
Abstract
This document describes how to use a Generic Security Service Application Program Interface (GSS-API) mechanism in the Simple Authentication and Security Layer (SASL) framework. This is done by defining a new SASL mechanism family, called GS2. This mechanism family offers a number of improvements over the previous "SASL/ GSSAPI" mechanism: it is more general, uses fewer messages for the authentication phase in some cases, and supports negotiable use of channel binding. Only GSS-API mechanisms that support channel binding and mutual authentication are supported. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.