rfc4121 — Search

US RFC 4752 - The Kerberos V5 ("GSSAPI") Simple Authentication and Security Layer (SASL) Mechanism

https://tools.ietf.org/html/rfc4752

…eneric Security Service Application Program Interface ([ GSS-API ]) mechanism [ RFC4121 ]. The authentication sequence is described in Section 3 . Note that the described authentication sequence has known limitations, in particular, it lacks channel bindings and the number of rou…

2026-04-25 19:21 View archive →

US RFC 5801 - Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication an…

https://tools.ietf.org/html/rfc5801

…I mechanism other than "The Kerberos Version 5 GSS-API Mechanism" [ RFC1964 ] [ RFC4121 ], and has a number of problems that led us to desire a new bridge. Specifically, a) GS1 was not round-trip optimized and b) GS1 did not support channel binding [ RFC5056 ]. These problems and…

2026-04-25 20:38 View archive →

US RFC 5802 - Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms

https://tools.ietf.org/html/rfc5802

…API mechanism SHALL be the same as those for the Kerberos V GSS-API mechanism [ RFC4121 ] (see Section 4.2 and sub-sections), using the Kerberos V "aes128-cts-hmac- sha1-96" enctype [ RFC3962 ]. The replay_det_state (GSS_C_REPLAY_FLAG), sequence_state (GSS_C_SEQUENCE_FLAG), conf_…

2026-04-25 21:03 View archive →

US RFC 4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows

https://datatracker.ietf.org/doc/html/rfc4559

…rticular, they follow the formats set for the SPNEGO [ RFC4178 ] and Kerberos [ RFC4121 ] mechanisms for GSSAPI. The "Negotiate" auth-scheme calls for the use of SPNEGO GSSAPI tokens that the specific mechanism type specifies. The current implementation of this protocol is limite…

2026-04-24 13:33 View archive →