RFC Errata
RFC 2743, "Generic Security Service Application Program Interface Version 2, Update 1", January 2000
Note: This RFC has been updated by RFC 5554, RFC 5896
Source of RFC: cat (sec)
Errata ID: 2758
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Martin Rex
Date Reported: 2011-03-29
Held for Document Update by: Stephen Farrell
Section 2.1.4 says:
o actual_mechs SET OF OBJECT IDENTIFIER, -- if returned, caller must -- release with GSS_Release_oid_set() o initiator_time_rec INTEGER -- in seconds, or reserved value for -- INDEFINITE o acceptor_time_rec INTEGER -- in seconds, or reserved value for -- INDEFINITE o cred_usage INTEGER, -- 0=INITIATE-AND-ACCEPT, 1=INITIATE-ONLY, -- 2=ACCEPT-ONLY o mech_set SET OF OBJECT IDENTIFIER -- full set of mechanisms -- supported by resulting credential. Return major_status codes:
It should say:
o actual_mechs SET OF OBJECT IDENTIFIER, -- full set of mechanisms -- supported by resulting credential. If returned, caller must -- release with GSS_Release_oid_set() o initiator_time_rec INTEGER -- in seconds, or reserved value for -- INDEFINITE o acceptor_time_rec INTEGER -- in seconds, or reserved value for -- INDEFINITE Return major_status codes:
Notes:
There appears to be accidentally duplicated text trailing the list of output parameters in section 2.1.4: GSS_Add_cred call (top of page 38).
The parameter "cred_usage" is an input-only parameter and also listed under input parameters, and the parameter "mech_set" is a duplicate of the actual_mechs output parameter. Compare GSS-API C-Bindings document rfc2744, section 5.3. gss_add_cred
-Martin