[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SASL security layers

To: Paul Leach <paulle@xxxxxxxxxxxxx>
Subject: Re: SASL security layers
From: Chris Newman <Chris.Newman@xxxxxxxxxxxx>
Date: Mon, 12 Oct 1998 11:35:08 -0700 (PDT)
Cc: "'ietf-sasl@xxxxxxx'" <ietf-sasl@xxxxxxx>
In-reply-to: <>
Sender: owner-ietf-sasl@xxxxxxx

On Fri, 9 Oct 1998, Paul Leach wrote:
> When applied to GSS mechanisms, the following issue arises. My data stream
> looks like this:
> 
> 	4 byte count
> 	App protocol data unit (APDU)
> 	padding to cipher block size
> 	GSS mechanism trailer

SASL only specifies that the cipher text buffers begin with a 4-octet
count (covering the remainder of the buffer).  The structure of the cipher
text buffers is otherwise entirely defined by the mechanism.

If you're using the GSSAPI SASL mechanism, the buffer consists of the 
entire output of a GSS_Wrap operation, with a SASL security-layer buffer
length prepended.

		- Chris

References:
- SASL security layers
  - From: Paul Leach

Prev by Date: SASL security layers
Next by Date: RE: SASL security layers
Previous by thread: SASL security layers
Next by thread: RE: SASL security layers
Index(es):
- Date
- Thread