|0.1.0||May 20, 2023|
|0.0.0||May 7, 2023|
#2 in #gssapi
The Generic Security Service Application Program Interface (abbreviated GSS-API or GSSAPI) enables programs to access system security services. One of the foremost security protocols used in conjunction with GSS-API is Kerberos.
GSS-API is an IETF standard designed to address the problem of many incompatible security services which provide similar functionality. By itself, does not provide any security, but instead provides a common API implemented by security-service vendors, usually in the form of libraries installed with their security software.
These libraries implement the GSS-API which can be called from application-level code, allowing the security implementation to be replaced without application-level changes.
GSS-API applications exchange opaque messages, i.e. tokens, which hide the security implementation detail from the higher-level application. The client and server sides of the application are written to convey the tokens given to them by their respective GSS-API implementations. GSS-API tokens can usually travel over an insecure network as the mechanisms provide inherent message security.
After the exchange of some number of tokens, the GSS-API implementations at both ends inform their local application that a security context is established. Once a security context is established, sensitive application messages can be wrapped (i.e. encrypted) by the GSS-API for secure communication between client and server.
Typical protections guaranteed by GSS-API wrapping include confidentiality (secrecy) and integrity (authenticity). GSS-API can also provide local guarantees about the identity of the remote user or remote host.
Minimum Supported Rust Version
This crate requires Rust 1.65 at a minimum.
We may change the MSRV in the future, but it will be accompanied by a minor version bump.
Licensed under either of:
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.