|
The security context is a pair of GASSAPI data structures that contain shared state information, which is required in order that per-message security services may be provided.
|
|
The context initiator is authenticated to the responded, and may require that the responder is authenticated in turn.
|
|
The initiator may optionally give the responder the right to initiate further security context (delegation).
|
|
To establish and maintain the security context, some GSSAPI calls return a token data structure, which is a cryptographically protected opaque data type. The caller is responsible for transferring the token to the peer application, which should then pass it to a corresponding GSSAPI routine which will decode it and extract the information.
|
