rfc2743.txt

RFC 的详细文档！

   results only for MNs.

   The following diagram illustrates the intended dataflow among name-
   related GSS-API processing routines.
























Linn                        Standards Track                    [Page 15]

RFC 2743                        GSS-API                     January 2000


                        GSS-API library defaults
                               |
                               |
                               V                         text, for
   text -------------->  internal_name (IN) -----------> display only
         import_name()          /          display_name()
                               /
                              /
                             /
    accept_sec_context()    /
          |                /
          |               /
          |              /  canonicalize_name()
          |             /
          |            /
          |           /
          |          /
          |         /
          |        |
          V        V     <---------------------
    single mechanism        import_name()         exported name: flat
    internal_name (MN)                            binary "blob" usable
                         ---------------------->  for access control
                            export_name()

1.1.6:  Channel Bindings

   The GSS-API accommodates the concept of caller-provided channel
   binding ("chan_binding") information.  Channel bindings are used to
   strengthen the quality with which peer entity authentication is
   provided during context establishment, by limiting the scope within
   which an intercepted context establishment token can be reused by an
   attacker. Specifically, they enable GSS-API callers to bind the
   establishment of a security context to relevant characteristics
   (e.g., addresses, transformed representations of encryption keys) of
   the underlying communications channel, of protection mechanisms
   applied to that communications channel, and to application-specific
   data.

   The caller initiating a security context must determine the
   appropriate channel binding values to provide as input to the
   GSS_Init_sec_context() call, and consistent values must be provided
   to GSS_Accept_sec_context() by the context's target, in order for
   both peers' GSS-API mechanisms to validate that received tokens
   possess correct channel-related characteristics. Use or non-use of
   the GSS-API channel binding facility is a caller option.  GSS-API
   mechanisms can operate in an environment where NULL channel bindings
   are presented; mechanism implementors are encouraged, but not



Linn                        Standards Track                    [Page 16]

RFC 2743                        GSS-API                     January 2000


   required, to make use of caller-provided channel binding data within
   their mechanisms. Callers should not assume that underlying
   mechanisms provide confidentiality protection for channel binding
   information.

   When non-NULL channel bindings are provided by callers, certain
   mechanisms can offer enhanced security value by interpreting the
   bindings' content (rather than simply representing those bindings, or
   integrity check values computed on them, within tokens) and will
   therefore depend on presentation of specific data in a defined
   format. To this end, agreements among mechanism implementors are
   defining conventional interpretations for the contents of channel
   binding arguments, including address specifiers (with content
   dependent on communications protocol environment) for context
   initiators and acceptors. (These conventions are being incorporated
   in GSS-API mechanism specifications and into the GSS-API C language
   bindings specification.) In order for GSS-API callers to be portable
   across multiple mechanisms and achieve the full security
   functionality which each mechanism can provide, it is strongly
   recommended that GSS-API callers provide channel bindings consistent
   with these conventions and those of the networking environment in
   which they operate.

1.2:  GSS-API Features and Issues

   This section describes aspects of GSS-API operations, of the security
   services which the GSS-API provides, and provides commentary on
   design issues.

1.2.1:  Status Reporting and Optional Service Support

1.2.1.1: Status Reporting

   Each GSS-API call provides two status return values. Major_status
   values provide a mechanism-independent indication of call status
   (e.g., GSS_S_COMPLETE, GSS_S_FAILURE, GSS_S_CONTINUE_NEEDED),
   sufficient to drive normal control flow within the caller in a
   generic fashion. Table 1 summarizes the defined major_status return
   codes in tabular fashion.

   Sequencing-related informatory major_status codes
   (GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, and
   GSS_S_GAP_TOKEN) can be indicated in conjunction with either
   GSS_S_COMPLETE or GSS_S_FAILURE status for GSS-API per-message calls.
   For context establishment calls, these sequencing-related codes will
   be indicated only in conjunction with GSS_S_FAILURE status (never in





Linn                        Standards Track                    [Page 17]

RFC 2743                        GSS-API                     January 2000


   conjunction with GSS_S_COMPLETE or GSS_S_CONTINUE_NEEDED), and,
   therefore, always correspond to fatal failures if encountered during
   the context establishment phase.

   Table 1: GSS-API Major Status Codes

   FATAL ERROR CODES

   GSS_S_BAD_BINDINGS            channel binding mismatch
   GSS_S_BAD_MECH                unsupported mechanism requested
   GSS_S_BAD_NAME                invalid name provided
   GSS_S_BAD_NAMETYPE            name of unsupported type provided
   GSS_S_BAD_STATUS              invalid input status selector
   GSS_S_BAD_SIG                 token had invalid integrity check
   GSS_S_BAD_MIC                   preferred alias for GSS_S_BAD_SIG
   GSS_S_CONTEXT_EXPIRED         specified security context expired
   GSS_S_CREDENTIALS_EXPIRED     expired credentials detected
   GSS_S_DEFECTIVE_CREDENTIAL    defective credential detected
   GSS_S_DEFECTIVE_TOKEN         defective token detected
   GSS_S_FAILURE                 failure, unspecified at GSS-API
                                   level
   GSS_S_NO_CONTEXT              no valid security context specified
   GSS_S_NO_CRED                 no valid credentials provided
   GSS_S_BAD_QOP                 unsupported QOP value
   GSS_S_UNAUTHORIZED            operation unauthorized
   GSS_S_UNAVAILABLE             operation unavailable
   GSS_S_DUPLICATE_ELEMENT       duplicate credential element requested
   GSS_S_NAME_NOT_MN             name contains multi-mechanism elements

   INFORMATORY STATUS CODES

   GSS_S_COMPLETE                normal completion
   GSS_S_CONTINUE_NEEDED         continuation call to routine
                                  required
   GSS_S_DUPLICATE_TOKEN         duplicate per-message token
                                  detected
   GSS_S_OLD_TOKEN               timed-out per-message token
                                  detected
   GSS_S_UNSEQ_TOKEN             reordered (early) per-message token
                                  detected
   GSS_S_GAP_TOKEN               skipped predecessor token(s)
                                  detected

   Minor_status provides more detailed status information which may
   include status codes specific to the underlying security mechanism.
   Minor_status values are not specified in this document.





Linn                        Standards Track                    [Page 18]

RFC 2743                        GSS-API                     January 2000


   GSS_S_CONTINUE_NEEDED major_status returns, and optional message
   outputs, are provided in GSS_Init_sec_context() and
   GSS_Accept_sec_context() calls so that different mechanisms'
   employment of different numbers of messages within their
   authentication sequences need not be reflected in separate code paths
   within calling applications. Instead, such cases are accommodated
   with sequences of continuation calls to GSS_Init_sec_context()  and
   GSS_Accept_sec_context().  The same facility is used to encapsulate
   mutual authentication within the GSS-API's context initiation calls.

   For mech_types which require interactions with third-party servers in
   order to establish a security context, GSS-API context establishment
   calls may block pending completion of such third-party interactions.
   On the other hand, no GSS-API calls pend on serialized interactions
   with GSS-API peer entities.  As a result, local GSS-API status
   returns cannot reflect unpredictable or asynchronous exceptions
   occurring at remote peers, and reflection of such status information
   is a caller responsibility outside the GSS-API.

1.2.1.2: Optional Service Support

   A context initiator may request various optional services at context
   establishment time. Each of these services is requested by setting a
   flag in the req_flags input parameter to GSS_Init_sec_context().

   The optional services currently defined are:

      - Delegation - The (usually temporary) transfer of rights from
      initiator to acceptor, enabling the acceptor to authenticate
      itself as an agent of the initiator.

      - Mutual Authentication - In addition to the initiator
      authenticating its identity to the context acceptor, the context
      acceptor should also authenticate itself to the initiator.

      - Replay detection - In addition to providing message integrity
      services, GSS_GetMIC() and GSS_Wrap() should include message
      numbering information to enable GSS_VerifyMIC() and GSS_Unwrap()
      to detect if a message has been duplicated.

      - Out-of-sequence detection - In addition to providing message
      integrity services, GSS_GetMIC() and GSS_Wrap() should include
      message sequencing information to enable GSS_VerifyMIC() and
      GSS_Unwrap() to detect if a message has been received out of
      sequence.






Linn                        Standards Track                    [Page 19]

RFC 2743                        GSS-API                     January 2000


      - Anonymous authentication - The establishment of the security
      context should not reveal the initiator's identity to the context
      acceptor.

      - Available per-message confidentiality - requests that per-
      message confidentiality services be available on the context.

      - Available per-message integrity - requests that per-message
      integrity services be available on the context.

   Any currently undefined bits within such flag arguments should be
   ignored by GSS-API implementations when presented by an application,
   and should be set to zero when returned to the application by the
   GSS-API implementation.