[cryptography] Anti-GSS falsehoods (was Re: IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM))
marsh at extendedsubset.com
Fri Jun 24 12:00:31 EDT 2011
On 06/24/2011 02:04 AM, Nico Williams wrote:
> Every bank that uses Active Directory uses Kerberos, and the GSS-like
> SSPI. And the Kerberos GSS mechanism (through SSPI, on Windows). The
> native Windows TLS implementation is accessed via SSPI.
I've used/abused the Windows SSPI a few times for various things. It's
pretty darn abstract. Which is not a criticism, only that it's less of
an API than a intra-host transport protocol for shipping loosely related
structures between apps and the security providers which are as diverse
as Kerb and TLS.
For example, the Microsoft doco on InitializeSecurityContext()
has a description and then again separate pages for every security
support provider (SSP) that ships with Windows.
Most of the SSPI functions have descriptions like "Used by a server to
create a security context based on an opaque message received from a
client" and "Applies a supplemental security message to an existing
Again, there's nothing wrong with this. But I suggest a guideline for
our discussion of the design of crypto APIs: The API must not be so
abstract that it doesn't actually encrypt any data.
More information about the cryptography