CSIV2 — The encoding of GSSUP ICT's is not clearly specified

Document: http://cgi.omg.org/pub/csiv2-ftf/csiv2-031401.pdf

Isuse: The encoding of GSSUP ICT's is not clearly specified

Para 48 states:

[48] The format of a GSSUP initial context token shall be as defined in
[IETF RFC 2743]
Section 3.1, “Mechanism-Independent Token Format,” pp. 81-82. This
GSSToken shall
contain an ASN.1 tag followed by a token length, an authentication
mechanism
identifier, and a CDR encoded sequence of octets corresponding to a
GSSUP inner
context token as defined by the type GSSUP::InitialContextToken in
Section 16.9.2,
“Module GSSUP - Username/Password GSSAPI Token Formats,” on page 16-59
(and
repeated below).

and section
16.9.2 Module GSSUP - Username/Password GSSAPI Token Formats
states

// The following structure defines the inner contents of the username
// password initial context token. This structure is CDR encoded in a
// sequence of octets and appended at the end of the username/password
// GSS (initial context) Token.

struct InitialContextToken

;

Proposed Resolution:

Change para 148 to the following:

[48] The format of a GSSUP initial context token shall be as defined in
[IETF RFC 2743]
Section 3.1, “Mechanism-Independent Token Format,” pp. 81-82. This
GSSToken shall
contain an ASN.1 tag followed by a token length, an authentication
mechanism
identifier, and an encapsulation octet stream containing a CDR encoded
GSSUP inner
context token as defined by the type GSSUP::InitialContextToken in
Section 16.9.2,
“Module GSSUP - Username/Password GSSAPI Token Formats,” on page 16-59
(and
repeated below).

change the relevant comment in
16.9.2 Module GSSUP - Username/Password GSSAPI Token Formats
to the following

// The following structure defines the inner contents of the username
// password initial context token. This structure is CDR encoded in an
// encapsulation octet stream and appended at the end of the
username/password
// GSS (initial context) Token.

Close issue with revised text.