Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The SPNEGO Extension is a security protocol. As such, the normative references in this specification use common security-related terms. Every effort has been made to use these terms, such as principal, key, and service, in accordance with their use in [RFC4178].
A prerequisite for understanding the variations between the SPNEGO Extension and [RFC4178] is a working knowledge of the Generic Security Service API. Several of the informative references, specifically [KAUFMAN], provide excellent top-level information about Generic Security Services (GSS) and the message flow. [KAUFMAN] also provides an excellent survey of other security protocols and concepts, and it helps to explain the terms of art that this specification uses.
Historically, the first GSS security mechanism defined was the Kerberos protocol ([RFC1964]). The Kerberos protocol has influenced many other mechanisms; in some cases, it might be helpful to have an example protocol to compare against. Finally, there are details that are not immediately apparent, as specified in [RFC2743] and [RFC4178].