Security Package Capabilities

The capabilities of the security package determine what services it provides to the application. These capabilities include, for example, support for client-only authentication or mutual authentication, or support for message integrity and message privacy. In addition, some packages are designed for use only on reliable transport protocols and are not designed for use on datagram transports.

The security package capabilities available by a specific package are obtained using the QuerySecurityPackageInfo API. The following lists show the security package capabilities:

Authentication-related capabilities:

Client-only authentication

Multileg authentication required

Supports Windows NT impersonation

Transport-related capabilities:

Datagram-style transports

Connection-oriented transports

Data stream connection semantics

Message-related capabilities

Supports message integrity

Supports message privacy

Applications will typically select security packages based on the type of security capabilities available to meet the application needs. More discussion on security package capabilities can be found in the section below on Security Context Semantics.