Lines Matching full:gss
1 The gss-api authentication mechanism implementation for racoon was
2 based on the ietf draft draft-ietf-ipsec-isakmp-gss-auth-06.txt.
4 The implementation uses the Heimdal gss-api library, i.e. gss-api
5 on top of Kerberos 5. The Heimdal gss-api library had to be modified
6 to meet the requirements of using gss-api in a daemon. More specifically,
19 The modification to the Heimdal gss-api library implements the
24 it in a memory-based credential cache, part of the gss credential
37 GSS endpoint attribute will be specified in the first SA sent.
38 However, if the initiator does specify a GSS endpoint attribute,
39 racoon will always respond with its own GSS endpoint name
55 * The gss-api specific code was concentrated as much as possible
64 insert the (variable-length) GSS endpoint name attribute.
85 the config file must be used, as Windows 2000 expects the GSS endpoint
87 because the spec describes the GSS endpoint name sent by W2K as
89 required standard for gss-api + kerberos 5 (i.e. I am fairly certain
90 that such a string will be rejected by the Heimdal gss-api library, as it
93 With the Heimdal gss-api implementation, the gssapi_krb authentication
99 the gss-api mechanisms needs more roundtrips. This is implemented.
