Generic Security Service Application Program Interface
An Internet Standard protocol [R2743] that specifies calling conventions by which an application (typically another communication protocol) can obtain authentication, integrity, and confidentiality security services independently of the underlying security mechanisms and technologies, thus enabling the application source code to be ported to different environments. (Compare: EAP, SASL.)
Senses
(I)
An Internet Standard protocol [R2743] that specifies calling conventions by which an application (typically another communication protocol) can obtain authentication, integrity, and confidentiality security services independently of the underlying security mechanisms and technologies, thus enabling the application source code to be ported to different environments. (Compare: EAP, SASL.)
Tutorial: "A GSS-API caller accepts tokens provided to it by its local GSS-API implementation and transfers the tokens to a peer on a remote system; that peer passes the received tokens to its local GSS-API implementation for processing. The security services available through GSS-API in this fashion are implementable (and have been implemented) over a range of underlying mechanisms based on [symmetric] and [asymmetric cryptography]." [R2743]
- IETF RFC 4949 (Internet Security Glossary)Jan 06, 2026RFC 4949 — Internet Security Glossary (Version 2)https://www.rfc-editor.org/rfc/rfc4949.txtRFC 4949 is published by the IETF Trust and marked as "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms for reuse.Source: IETF RFC 4949 (rfc-editor.org).