GSSAPI design goals
GSSAPI design goals
- Mechanism independence
- Protocol environment independence
- Protocol association independence
- Suitability to a range of implementation placements
Notes:
- The GSSAPI defines an interface to cryptographically implemented strong authentication and other security services at a generic level, which is independent of any particular underlying mechanism. For example, GSSAPI-provided services can be implemented by secret-key technologies (e.g..., Kerberos) or public key approaches (e.g.., X.509).
- The GSSAPI is independent of the communications protocol suites with which it is employed, permitting use in a broad range of protocol environments. In appropriate environments, an intermediate implementation “veneer” that is oriented to a particular communication protocol (e.g.., RPC) may be interposed between applications that call that protocol and the GSSAPI, invoking GSSAPI facilities in conjunction with that protocol’s communications invocations.
- The GSSAPI security context construct is independent of communications protocol association constructs, allowing a single GSSAPI implementation to be used by a variety of invoking protocol modules on behalf of those modules’ calling applications. GSSAPI services can also be invoked directly by applications, wholly independent of protocol associations.
- GSSAPI clients are not constrained to reside within any Trusted Computing Base (TCB) perimeter defined on a system where the GSSAPI is implemented; security services are specified in a manner suitable to both intra- and extra-TCB callers.