Re: GSS-API

David Brownell (David.Brownell@Eng)
Wed, 10 Jun 1998 21:25:43 -0700

Date: Wed, 10 Jun 1998 21:25:43 -0700
From: David.Brownell@Eng (David Brownell)
Message-Id: <199806110425.VAA27386@argon.eng.sun.com>
To: java-security@web2.javasoft.com, mberner@parc.xerox.com
Subject: Re: GSS-API

Yes, SSL provides mutual authentication services, using
X.509 certificate chains. It's optional; many systems
just authenticate the server using SSL to minimize the
key management problems.

- Dave

> From mberner@parc.xerox.com Wed Jun 10 15:38:14 1998
> Date: Wed, 10 Jun 1998 15:33:21 PDT
> From: Mary Berner <mberner@parc.xerox.com>
> To: java-security@web2.javasoft.com
> Subject: GSS-API
>
> Hi,
>
> We currently have an application that uses the GSS-API for mutual
> authentication between the client and the server. That is the Client
> authenticates the server and the server in turn authenticates the
> client. Is there a way in Java to perform authentication in this manner.
> Does SSL provide this service, if so , is it available or when will it
> be available.
>
> Mary Berner
>