Previous | Table of Contents | Next |
1. Initiate SSL/TLS connection to TSS.
2. SSL/TLS connection and ciphersuite negotiation accepted by both CSS and TSS. CSS evaluates its trust in target authentication identity and decides to continue.
3. Send request (with stateless security service context element containing a client_authentication_token).
4. Receive reply with CompleteEstablishContext service context element indicating context (and request) was accepted.
5. Same as 3.
6. Same as 4.
24.7.2.1 Sample IOR Configuration
The following sample IOR was designed to address the related scenario.
CompoundSecMechList{stateful = FALSE;mechanism_list = {
CompoundSecMec { target_requires = {Integrity, Confidentiality, EstablishTrustInClient}; transport_mech = TAG_TLS_SEC_TRANS
{
target_supports = {Integrity, Confidentiality, EstablishTrustInClient,
EstablishTrustInTarget}; target_requires = {Integrity, Confidentiality}; addresses = {
TransportAddress { host_name = x; port = y;
};
};};as_context_mech = {
target_supports = {EstablishTrustInClient}; target_requires = {EstablishTrustInClient}; client_authentication_mech = GSSUPMechOID;
target_name = (GSSUPMechOID + name_scope);
};
sas_context_mech = { target_supports = {}; ...
};};};};