On Sun, Oct 5, 2008 at 7:51 AM, Markus Moeller wrote:
> I have an application which initializes the security context in one process
> does some gss_wrap/gss_unwrap calls and then exports the context to hand it
> over to another process which imports the context and continues the
> gss_wrap/gss_unwrap. Would the second process restart sequencing at 0 or
> continuing from where the context was exported ?


I'm not even going to try to come up with a citation but common sense
would suggest that an imported GSS context must use the sequence
number of the exported context and must never reset the sequence
number to 0. I don't see how the peer could even know that the
sequence number was reset.

Mike

--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/