Linda Gricius (March, 1998):
CSI Common Security Protocols define the details of the tokens in the SECIOP
messages. Three protocols are defined:
- SPKM Protocol - this protocol supports identity-based policies without delegation
(CSI level 0) using public key technology for keys assigned to both principals
and trusted authorities. The SPKM protocol is based on the definition in The
Simple Public-Key GSS-API Mechanism, Internet Draft draft-ietf-cat-spkmgss-06.txt,
January 1996.
- GSS Kerberos Protocol - this protocol supports identity-based policies with
unrestricted delegation (CSI level 1) using secret key technology for keys assigned
to both principals and trusted authorities. It is possible to use it without
delegation (so providing CSI level 0).
The GSS protocol is based on the IETF GSS Kerberos V5 definition, which specifies
details of the use of Kerberos V5 with GSS-API. It includes updates to RFC 1510;
e.g., how to carry delegation information. It is specified in RFC 1964. This
itself is a profile of the Kerberos V5 mechanism as defined in IETF RFC 1510,
September 1993.
- CSI-ECMA Protocol - this protocol supports identity- and privilege-based policies
with controlled delegation (CSI level 2). It can be used with identity, but
no other privileges, and without delegation restrictions if the administrator
permits this (CSI level 1), and can be used without delegation (CSI level 0).