draft-ietf-kitten-extended-mech-inquiry-05.txt   draft-ietf-kitten-extended-mech-inquiry-06.txt 
NETWORK WORKING GROUP N. Williams NETWORK WORKING GROUP N. Williams
Internet-Draft Sun Internet-Draft Sun
Intended status: Standards Track March 25, 2009 Intended status: Standards Track April 1, 2009
Expires: September 26, 2009 Expires: October 3, 2009
Extended Generic Security Service Mechanism Inquiry APIs Extended Generic Security Service Mechanism Inquiry APIs
draft-ietf-kitten-extended-mech-inquiry-05.txt draft-ietf-kitten-extended-mech-inquiry-06.txt
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 32 skipping to change at page 1, line 32
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on September 26, 2009. This Internet-Draft will expire on October 3, 2009.
Copyright Notice Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info). publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 28 skipping to change at page 2, line 28
3.2. List of Known Mechanism Attributes . . . . . . . . . . . . 4 3.2. List of Known Mechanism Attributes . . . . . . . . . . . . 4
3.3. Mechanism Attribute Sets of Existing Mechs . . . . . . . . 6 3.3. Mechanism Attribute Sets of Existing Mechs . . . . . . . . 6
3.4. New GSS-API Function Interfaces . . . . . . . . . . . . . 7 3.4. New GSS-API Function Interfaces . . . . . . . . . . . . . 7
3.4.1. Mechanism Attribute Criticality . . . . . . . . . . . . . 8 3.4.1. Mechanism Attribute Criticality . . . . . . . . . . . . . 8
3.4.2. GSS_Indicate_mechs_by_attr() . . . . . . . . . . . . . . . 8 3.4.2. GSS_Indicate_mechs_by_attr() . . . . . . . . . . . . . . . 8
3.4.3. GSS_Inquire_attrs_for_mech() . . . . . . . . . . . . . . . 9 3.4.3. GSS_Inquire_attrs_for_mech() . . . . . . . . . . . . . . . 9
3.4.4. GSS_Display_mech_attr() . . . . . . . . . . . . . . . . . 9 3.4.4. GSS_Display_mech_attr() . . . . . . . . . . . . . . . . . 9
3.4.5. New Major Status Values . . . . . . . . . . . . . . . . . 10 3.4.5. New Major Status Values . . . . . . . . . . . . . . . . . 10
3.4.6. C-Bindings . . . . . . . . . . . . . . . . . . . . . . . . 10 3.4.6. C-Bindings . . . . . . . . . . . . . . . . . . . . . . . . 10
4. Requirements for Mechanism Designers . . . . . . . . . . . 11 4. Requirements for Mechanism Designers . . . . . . . . . . . 11
5. IANA Considerations . . . . . . . . . . . . . . . . . . . 11 5. IANA Considerations . . . . . . . . . . . . . . . . . . . 12
6. Security considerations . . . . . . . . . . . . . . . . . 11 6. Security considerations . . . . . . . . . . . . . . . . . 12
7. References . . . . . . . . . . . . . . . . . . . . . . . . 12 7. References . . . . . . . . . . . . . . . . . . . . . . . . 12
7.1. Normative References . . . . . . . . . . . . . . . . . . . 12 7.1. Normative References . . . . . . . . . . . . . . . . . . . 12
7.2. Informative References . . . . . . . . . . . . . . . . . . 12 7.2. Informative References . . . . . . . . . . . . . . . . . . 12
Author's Address . . . . . . . . . . . . . . . . . . . . . 12 Author's Address . . . . . . . . . . . . . . . . . . . . . 13
1. Conventions used in this document 1. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
2. Introduction 2. Introduction
GSS-API [RFC2743] mechanisms have a number of properties that may be GSS-API [RFC2743] mechanisms have a number of properties that may be
skipping to change at page 10, line 43 skipping to change at page 10, line 43
o GSS_S_BAD_MECH_ATTR o GSS_S_BAD_MECH_ATTR
roughly corresponding to GSS_S_BAD_MECH, but applicable to mechanism roughly corresponding to GSS_S_BAD_MECH, but applicable to mechanism
attribute OIDs, rather than to mechanism OIDs. attribute OIDs, rather than to mechanism OIDs.
For the C-bindings of the GSS-API [RFC2744] GSS_S_BAD_MECH_ATTR shall For the C-bindings of the GSS-API [RFC2744] GSS_S_BAD_MECH_ATTR shall
have a routine error number of 19 (this is shifted to the left by have a routine error number of 19 (this is shifted to the left by
GSS_C_ROUTINE_ERROR_OFFSET). GSS_C_ROUTINE_ERROR_OFFSET).
3.4.6. C-Bindings 3.4.6. C-Bindings
Note that there is a bug in the C bindings of the GSS-APIv2u1
[RFC2744] in that the C 'const' attribute is applied to types which
are pointer typedefs. This is a bug because this declares that the
pointer argument is 'const' rather than that the object pointed by it
is const. To avoid this error we hereby define new typdefs which
include const properly:
typedef const gss_buffer_desc * gss_const_buffer_t;
typedef const struct gss_channel_bindings_struct *
gss_const_channel_bindings_t;
typedef const <platform-specific> gss_const_ctx_id_t;
typedef const <platform-specific> gss_const_cred_id_t;
typedef const <platform-specific> gss_const_name_t;
typedef const gss_OID_desc * gss_const_OID;
typedef const gss_OID_set_desc * gss_const_OID_set;
Figure 1: const typedefs
Note that only gss_const_OID and gss_const_OID_set are used below.
We include the other const typedefs for convenience since the C
bindings of the GSS-API do use const with pointer typedefs when it
should often instead use the above typedefs instead.
#define GSS_S_BAD_MECH_ATTR (19ul << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_BAD_MECH_ATTR (19ul << GSS_C_ROUTINE_ERROR_OFFSET)
OM_uint32 gss_inquire_mechs_for_attrs( OM_uint32 gss_inquire_mechs_for_attrs(
OM_uint32 *minor_status, OM_uint32 *minor_status,
const gss_OID_set desired_mech_attrs, gss_const_OID_set desired_mech_attrs,
const gss_OID_set except_mech_attrs, gss_const_OID_set except_mech_attrs,
const gss_OID_set critical_mech_attrs, gss_const_OID_set critical_mech_attrs,
gss_OID_set *mechs); gss_OID_set *mechs);
OM_uint32 gss_inquire_attrs_for_mech( OM_uint32 gss_inquire_attrs_for_mech(
OM_uint32 *minor_status, OM_uint32 *minor_status,
const gss_OID mech, gss_const_OID mech,
gss_OID_set *mech_attrs, gss_OID_set *mech_attrs,
gss_OID_set *known_mech_attrs); gss_OID_set *known_mech_attrs);
OM_uint32 gss_display_mech_attr( OM_uint32 gss_display_mech_attr(
OM_uint32 *minor_status, OM_uint32 *minor_status,
const gss_OID mech_attr, gss_const_OID mech_attr,
gss_buffer_t name, gss_buffer_t name,
gss_buffer_t short_desc, gss_buffer_t short_desc,
gss_buffer_t long_desc); gss_buffer_t long_desc);
Figure 1 Figure 2: C bindings
Note that output buffers must be released via gss_release_buffer(). Note that output buffers must be released via gss_release_buffer().
Output OID sets must be released via gss_release_oid_set(). Output OID sets must be released via gss_release_oid_set().
4. Requirements for Mechanism Designers 4. Requirements for Mechanism Designers
All future GSS-API mechanism specifications MUST: All future GSS-API mechanism specifications MUST:
o list the set of GSS-API mechanism attributes associated with them o list the set of GSS-API mechanism attributes associated with them
5. IANA Considerations 5. IANA Considerations
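Review bot: In Figure 1 of the added 3.4.6 text, the three handle typedefs of the form "typedef const <platform-specific> gss_const_name_t;" (likewise gss_const_ctx_id_t and gss_const_cred_id_t) do not say where the const lands. If an implementer substitutes the existing pointer typedef for <platform-specific>, the result is a const pointer to a mutable object, which is the same RFC2744 bug the preceding paragraph describes. Suggest stating that <platform-specific> must be spelled so that const qualifies the pointed-to object, as the gss_const_OID line does with "const gss_OID_desc *". Two wording fixes in the same added paragraphs: "typdefs" should be "typedefs", and "should often instead use the above typedefs instead" has a doubled "instead". Separately, the C binding is named gss_inquire_mechs_for_attrs while the table of contents lists 3.4.2 as GSS_Indicate_mechs_by_attr(); since the signature lines are being touched in this revision, the two names should be reconciled here.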
 End of changes. 11 change blocks. 
13 lines changed or deleted 37 lines changed or added
