On 10/10/2014 09:50 AM, Rick van Rein wrote:
> I found GSS_C_SEQUENCE_FLAG defined in RFC 1509, as a general flag for
> GSS-API mechanisms. And, there is an alternative flag GSS_C_REPLAY_FLAG that
> is also available in the Kerberos mapping of GSS-API. So the answer appears
> to be “yes, you c
*blush*
I solved my own question!
> I found that the Kerberos mechanism for GSS-API includes a sequence number
> that is incremented with each wrapped or MIC’d message. I assume that the
> receiving side would verify that sequence number, and drop any thing too old,
> and perhaps also anythin
Hello,
I am looking into GSS-API as a protection mechanism for SCTP connections. SCTP
connects multiple independent streams at once, and can decide on in-order or
out-of-order delivery on a per-frame basis. SCTP has reliable delivery by
default.
I found that the Kerberos mechanism for GSS-AP