This section provides details about some of the features of the C and Java GSI implementations.
Table 1. GT 4.0 Security Features
| Area | Supported Feature | GT4 C Code | GT4 Java Code |
|---|---|---|---|
| Proxy Certificate | Authentication with RFC 3820 compliant proxy certificates | Yes | Yes |
| Authentication with Globus (old OID) proxy certificates | Yes | Yes | |
| Authentication with legacy (GT2) proxy certificates | Available, but unsupported | Available, but unsupported | |
| Delegation of proxy certificates | Yes | Yes | |
| X.509 Extensions | Extended Key Usage Extension | Yes | No |
| CA Support | CA Signing Policy | Yes | No |
| Configurable trust roots (CA certificates) | Yes | Yes | |
| Revocation | CRLs | Yes | Yes |
| OCSP | No | No | |
| GSSAPI | GSSAPI | Yes, refer to RFC 2744 | Yes |
| GSSAPI extensions | Yes | Yes | |
| Integrity protection of user data | Yes | Yes | |
| Authorization | User Authorization using grid map file | Yes | Yes |
| Client-side authorization of service using hostname | Yes | Yes | |
| Client-side authorization of service with wildcard matching of hostnames (e.g foo matches foo-*, foo-1, foo-bar etc) | Yes | Yes | |
| CAS Support | Only in GridFTP | No | |
| Kerberos | Relinking with Kerberos instead of PKI | Yes (kludgey) | Theoretically as part of Java 1.4, but untested |
| SOAP | SOAP independent message signing | Yes | Yes |
| SOAP independent message encryption | Yes | Yes | |
| Context establishment in SOAP | Yes | Yes | |
| Secure SOAP dispatch headers | No | Yes |