| < draft-ietf-cat-rfc2078bis-07.txt | draft-ietf-cat-rfc2078bis-08.txt > | |||
|---|---|---|---|---|
| Internet-Draft J. Linn | Internet-Draft J. Linn | |||
| IETF Common Authentication Technology WG RSA Laboratories | IETF Common Authentication Technology WG RSA Laboratories | |||
| <draft-ietf-cat-rfc2078bis-07.txt> 3 September 1998 | <draft-ietf-cat-rfc2078bis-08.txt> 16 December 1998 | |||
| Generic Security Service Application Program Interface | Generic Security Service Application Program Interface | |||
| Version 2, Update 1 | Version 2, Update 1 | |||
| STATUS OF THIS MEMO | STATUS OF THIS MEMO | |||
| This document is an Internet-Draft. Internet-Drafts are working | This document is an Internet-Draft. Internet-Drafts are working | |||
| documents of the Internet Engineering Task Force (IETF), its areas, | documents of the Internet Engineering Task Force (IETF), its areas, | |||
| and its working groups. Note that other groups may also distribute | and its working groups. Note that other groups may also distribute | |||
| working documents as Internet-Drafts. | working documents as Internet-Drafts. | |||
| skipping to change at page 29, line 32 ¶ | skipping to change at page 29, line 32 ¶ | |||
| 2.1.1: GSS_Acquire_cred call | 2.1.1: GSS_Acquire_cred call | |||
| Inputs: | Inputs: | |||
| o desired_name INTERNAL NAME, -- NULL requests locally-determined | o desired_name INTERNAL NAME, -- NULL requests locally-determined | |||
| -- default | -- default | |||
| o lifetime_req INTEGER, -- in seconds; 0 requests default | o lifetime_req INTEGER, -- in seconds; 0 requests default | |||
| o desired_mechs SET OF OBJECT IDENTIFIER, -- empty set requests | o desired_mechs SET OF OBJECT IDENTIFIER, -- NULL requests | |||
| -- system-selected default | -- system-selected default | |||
| o cred_usage INTEGER -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY, | o cred_usage INTEGER -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY, | |||
| -- 2=ACCEPT-ONLY | -- 2=ACCEPT-ONLY | |||
| Outputs: | Outputs: | |||
| o major_status INTEGER, | o major_status INTEGER, | |||
| o minor_status INTEGER, | o minor_status INTEGER, | |||
| skipping to change at page 97, line 15 ¶ | skipping to change at page 97, line 15 ¶ | |||
| Credential-related: | Credential-related: | |||
| For GSS_Acquire_cred() and GSS_Add_cred(), aligned with C bindings | For GSS_Acquire_cred() and GSS_Add_cred(), aligned with C bindings | |||
| statement of likely non-support for INITIATE or BOTH credentials if | statement of likely non-support for INITIATE or BOTH credentials if | |||
| input name is neither empty nor a name resulting from applying | input name is neither empty nor a name resulting from applying | |||
| GSS_Inquire_cred() against the default credential. Further, stated | GSS_Inquire_cred() against the default credential. Further, stated | |||
| that an explicit name returned by GSS_Inquire_context() should also | that an explicit name returned by GSS_Inquire_context() should also | |||
| be accepted. Added commentary about potentially time-variant | be accepted. Added commentary about potentially time-variant | |||
| results of default resolution and attendant implications. Aligned | results of default resolution and attendant implications. Aligned | |||
| with C bindings re behavior when GSS_C_NO_NAME provided for | with C bindings re behavior when GSS_C_NO_NAME provided for | |||
| desired_name. | desired_name. In GSS_Acquire_cred(), stated that NULL, rather than | |||
| empty OID set, should be used for desired_mechs in order to request | ||||
| default mechanism set. | ||||
| Added GSS_S_CREDENTIALS_EXPIRED as returnable major_status for | Added GSS_S_CREDENTIALS_EXPIRED as returnable major_status for | |||
| GSS_Acquire_cred(), GSS_Add_cred(), also specifying GSS_S_NO_CRED | GSS_Acquire_cred(), GSS_Add_cred(), also specifying GSS_S_NO_CRED | |||
| as appropriate return for temporary, user-fixable credential | as appropriate return for temporary, user-fixable credential | |||
| unavailability. GSS_Acquire_cred() and GSS_Add_cred() are also to | unavailability. GSS_Acquire_cred() and GSS_Add_cred() are also to | |||
| return GSS_S_NO_CRED if an authorization failure is encountered | return GSS_S_NO_CRED if an authorization failure is encountered | |||
| upon credential acquisition. | upon credential acquisition. | |||
| Removed GSS_S_CREDENTIALS_EXPIRED status return from per-message | Removed GSS_S_CREDENTIALS_EXPIRED status return from per-message | |||
| protection, GSS_Context_time(), and GSS_Inquire_context() calls. | protection, GSS_Context_time(), and GSS_Inquire_context() calls. | |||
| End of changes. 3 change blocks. | ||||
| 3 lines changed or deleted | 5 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||