This feature is new in the Software Express pilot program. This feature is included in the Solaris 10 3/05 release.
This Solaris 10 OS includes a new GSS-API “pseudo-mechanism” for negotiating GSS-API security that is based on the SPNEGO protocol (IETF RFC 2478). Simple and Protected GSS-API Negotiation (SPNEGO) is most useful for applications that are based on GSS-API implementations which support multiple security mechanisms. SPNEGO can be applied when two applications use GSS-API to exchange data and do not know which mechanisms are supported by the other application.
SPNEGO is a pseudo-security mechanism that is represented by the following object identifier:
SPNEGO enables GSS-API peers to determine in-band whether their credentials share common GSS-API security mechanisms. If the mechanisms are shared, then the peers can select a common mechanism to establish the security context.