Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
When using TCP as the transport, the client and server SHOULD choose to encrypt or hash messages using [RFC2743]. This is negotiated at the time of authentication after which the client and server can use GSS-API to determine whether encryption or hashing is enabled for the connection.
If encryption or hashing is being used, the message can be composed of one or more encryption data blocks. Each encryption data block has a layout as described in the following table.
|
Field |
Description |
|---|---|
|
DATA_SIZE (16 bits) |
Specifies the size of the encrypted data. This field uses little-endian byte order. |
|
TOKEN_SIZE (16 bits) |
Specifies the size of the encryption token. This field uses little-endian byte order. |
|
DATA |
Encrypted data. |
|
TOKEN |
Encryption token. |
Note that an encryption data block can span multiple DIME records.