GSS Conversation C-bindings Interface

Document Type Expired Internet-Draft (cat WG)
Author Theodore Ts'o 
Last updated 1999-10-22
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Traditionally, the GSSAPI specification has not included in its scope the acquisition of initial credentials, or mechanisms which have required interaction with the user in the course of the security context. This has limited the applicability of the GSSAPI specification. This specification allows an application program to register a callback function so that a GSSAPI mechanism can request conversation services from the application program. The application program is responsible for displaying messages to the user and requesting input from the user via the callback function. The goal of this specification is to allow certain low- infrastructure-requiring mechanisms to prompt the user for a username, password, SecureID response, etc. It might also be used by mechanisms such as Kerberos when the GSSAPI library wishes to obtain initial credentials itself, instead of assuming that they are already present in the process.


Theodore Ts'o (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)