WS-Security and GSS-API: How do I get the session key? at
Thu Mar 5 21:29:17 EST 2009

Hi Luke

On Feb 24, 9:36 pm, Luke Howard <lu... at> wrote:
> > I don't recall offhand if there's been an IETF draft proposing the
> > specific extension we've got for extracting the session key.

>    major = gss_inquire_sec_context_by_oid(&minor,
>                                          ctx,
>                                          GSS_C_INQ_SSPI_SESSION_KEY,
>                                          &skey);

Cool, we (Java SE Team at Sun) are also preparing to add a new method
getSessionKey() to OpenJDK's JGSS-API for Java EE needs.

BTW, I read the krb5-1.7 codes and notice you're supporting some other
OIDs for this new function:


I wonder how widely they are required and whether we should also
support them. Can you give me some background info?


More information about the Kerberos mailing list