RSA Laboratories

5.2.2 What is the GSS-API?

The Generic Security Service API (GSS-API) is a CAPI for distributed security services. It has the capacity to handle session communication securely, including authentication, data integrity, and data confidentiality. The GSS-API is designed to insulate its users from the specifics of underlying mechanisms. GSS-API implementations have been constructed atop a range of secret-key and public-key technologies. The current (Version 2) GSS-API definition is available in Internet Proposed Standard RFC 2078 at

GSS-API is also incorporated as an element of the Open Group Common Environment Specification. Related ongoing work items include definitions of a complementary API (GSS-IDUP) oriented to store-and-forward messaging, of a negotiation facility for selection of a common mechanism shared between peers, and of individual underlying GSS-API mechanisms. For more information on GSS-IDUP, see

Top of the page