INTERNET DRAFT July

and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any other Internet Draft. Comments on this document should be sent to "[email protected]", the IETF Common Authentication Technology WG discussion list. 2. ABSTRACT This draft document specifies C language bindings for Version 2 of the Generic Security Service Application Program Interface (GSSAPI), which is described at a language-independent conceptual level in other drafts [GSSAPI]. If approved, it will revise RFC-1509, making specific incremental changes in response to implementation experience and liaison requests. It is intended, therefore, that this draft or a successor version thereof will become the basis for subsequent progression of the GSS-API specification on the standards track. The Generic Security Service Application Programming Interface provides security services to its callers, and is intended for implementation atop a variety of underlying cryptographic mechanisms. Typically, GSSAPI callers will be application protocols into which security enhancements are integrated through invocation of services provided by the GSSAPI. The GSSAPI allows a caller application to authenticate a principal identity associated with a peer application, to delegate rights to a peer, and to apply security services such as confidentiality and integrity on a per-message basis. Wray [Page 1 of 101]