From alexey.melnikov@isode.com Fri Jun 1 11:52:30 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AF8811E8097 for ; Fri, 1 Jun 2012 11:52:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.903 X-Spam-Level: X-Spam-Status: No, score=-102.903 tagged_above=-999 required=5 tests=[AWL=-0.304, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5CVhpgln2M+z for ; Fri, 1 Jun 2012 11:52:30 -0700 (PDT) Received: from rufus.isode.com (cl-125.lon-03.gb.sixxs.net [IPv6:2a00:14f0:e000:7c::2]) by ietfa.amsl.com (Postfix) with ESMTP id A3E8311E8096 for ; Fri, 1 Jun 2012 11:52:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1338576748; d=isode.com; s=selector; i=@isode.com; bh=TjdMnl5w94+hhIaiuxqI/H9n8UO7RH/y0efSrcvDA1c=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=H3/3noRrnnvpyRHRTRJwpopPkV+stnjeC/PDYHHl/rjQs1PHGG0xAran1ePQAprg8yWM/T zdlo90vkvOZ4PopX60S9qtEzX65hdxln89xgtBLkZ333OvfP/k1WoODmX4UswHPxK/B+Mx ym6vKOmYOUpbJ4FX3bivwkuRz3S/xuc=; Received: from [192.168.1.144] ((unknown) [62.3.217.253]) by rufus.isode.com (submission channel) via TCP with ESMTPSA id ; Fri, 1 Jun 2012 19:52:28 +0100 X-SMTP-Protocol-Errors: NORDNS PIPELINING Message-ID: <4FC90F6F.6080103@isode.com> Date: Fri, 01 Jun 2012 19:52:31 +0100 From: Alexey Melnikov User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 To: "kitten@ietf.org" MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: [kitten] WG meeting in Vancouver? X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jun 2012 18:52:30 -0000 Do people want to have the WG meeting in Vancouver? I am going to be there, but at the moment I don't see a strong need for us to meet (please tell me before Monday if you feel otherwise). However I would be available to talk/help out with WG documents, if editors are there. Best Regards, Alexey, as a Kitten co-chair. From kwiereng@cisco.com Sat Jun 2 23:51:09 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AF5311E80AB for ; Sat, 2 Jun 2012 23:51:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.958 X-Spam-Level: X-Spam-Status: No, score=-6.958 tagged_above=-999 required=5 tests=[AWL=0.178, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_HI=-8, RCVD_NUMERIC_HELO=2.067] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1TqOICy-3YYZ for ; Sat, 2 Jun 2012 23:51:08 -0700 (PDT) Received: from ams-iport-2.cisco.com (ams-iport-2.cisco.com [144.254.224.141]) by ietfa.amsl.com (Postfix) with ESMTP id 2C60611E80A6 for ; Sat, 2 Jun 2012 23:51:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=kwiereng@cisco.com; l=806; q=dns/txt; s=iport; t=1338706268; x=1339915868; h=references:in-reply-to:mime-version:message-id: content-transfer-encoding:cc:from:subject:date:to; bh=szlljxrJtMMwwzDh+erYVLdVb14qUUt2l3iUnDNjQkM=; b=KYWSb3l3UAKZ9RoXlmNT17J6w9PAoCX6FUZsajsHua31PqxoUTka4BQH nuXj5uWJEMss9eh7/8b5NaywpvRC1+P2h429rLurWtcYVTdXEx9s4UR2e YrJiyDk/sChH4dEOhMmj51kFnybJ4xpq2b6WX0LKo+a/5L4nxKqKet3od w=; X-IronPort-AV: E=Sophos;i="4.75,706,1330905600"; d="scan'208";a="73967305" Received: from ams-core-1.cisco.com ([144.254.72.81]) by ams-iport-2.cisco.com with ESMTP; 03 Jun 2012 06:51:07 +0000 Received: from xbh-ams-101.cisco.com (xbh-ams-101.cisco.com [144.254.74.71]) by ams-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id q536p7JJ019046; Sun, 3 Jun 2012 06:51:07 GMT Received: from xmb-ams-101.cisco.com ([144.254.74.76]) by xbh-ams-101.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Sun, 3 Jun 2012 08:51:06 +0200 Received: from 144.254.74.76 ([144.254.74.76]) by XMB-AMS-101.cisco.com ([144.254.74.76]) with Microsoft Exchange Server HTTP-DAV ; Sun, 3 Jun 2012 06:51:00 +0000 References: <4FC90F6F.6080103@isode.com> In-Reply-To: <4FC90F6F.6080103@isode.com> MIME-Version: 1.0 (1.0) Content-Type: text/plain; charset="us-ascii" Thread-Topic: [kitten] WG meeting in Vancouver? Thread-Index: Ac1BVTyM4lCpA+7NRu29UMjjYLbYxg== Message-ID: Content-Transfer-Encoding: quoted-printable From: "Klaas Wierenga (kwiereng)" Date: Sun, 3 Jun 2012 08:51:02 +0200 To: "Alexey Melnikov" X-OriginalArrivalTime: 03 Jun 2012 06:51:06.0729 (UTC) FILETIME=[401D2590:01CD4155] X-Mailman-Approved-At: Sun, 03 Jun 2012 00:07:42 -0700 Cc: kitten@ietf.org Subject: Re: [kitten] WG meeting in Vancouver? X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jun 2012 06:51:09 -0000 Would it be useful to spend some time around a whiteboard to discuss the var= ious SAML/oauth/openid with/without channel bindings proposals to get as muc= h alignment as possible? Klaas Sent from my iPhone On 1 jun. 2012, at 20:52, "Alexey Melnikov" wrot= e: > Do people want to have the WG meeting in Vancouver? >=20 > I am going to be there, but at the moment I don't see a strong need for us= to meet (please tell me before Monday if you feel otherwise). However I wou= ld be available to talk/help out with WG documents, if editors are there. >=20 > Best Regards, > Alexey, as a Kitten co-chair. >=20 >=20 > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten From shawn.emery@oracle.com Mon Jun 4 09:22:01 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3A8421F88A7 for ; Mon, 4 Jun 2012 09:22:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.599 X-Spam-Level: X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSQ4gLfLlFRl for ; Mon, 4 Jun 2012 09:22:00 -0700 (PDT) Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 7017021F888C for ; Mon, 4 Jun 2012 09:21:58 -0700 (PDT) Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q54GLuoM006696 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 4 Jun 2012 16:21:57 GMT Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q54GLuId011989 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 4 Jun 2012 16:21:56 GMT Received: from abhmt115.oracle.com (abhmt115.oracle.com [141.146.116.67]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q54GLtpe002535; Mon, 4 Jun 2012 11:21:55 -0500 Received: from [10.159.98.36] (/10.159.98.36) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 04 Jun 2012 09:21:55 -0700 Message-ID: <4FCCE05D.20606@oracle.com> Date: Mon, 04 Jun 2012 10:20:45 -0600 From: Shawn Emery User-Agent: Mozilla/5.0 (X11; SunOS i86pc; rv:10.0.4) Gecko/20120521 Thunderbird/10.0.4 MIME-Version: 1.0 To: kwiereng@cisco.com References: <4FC90F6F.6080103@isode.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Source-IP: ucsinet22.oracle.com [156.151.31.94] Cc: kitten@ietf.org Subject: Re: [kitten] WG meeting in Vancouver? X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jun 2012 16:22:01 -0000 On 06/ 3/12 12:51 AM, Klaas Wierenga (kwiereng) wrote: > Would it be useful to spend some time around a whiteboard to discuss the various SAML/oauth/openid with/without channel bindings proposals to get as much alignment as possible? Do any of the other authors (Bill, Simon, or Scott) plan on attending Vancouver? In any case, we haven't received enough justification to hold a Vancouver meeting unless we hear otherwise by 5pm PDT today (6/4/12). Regards, Shawn. -- > Sent from my iPhone > > On 1 jun. 2012, at 20:52, "Alexey Melnikov" wrote: > >> Do people want to have the WG meeting in Vancouver? >> >> I am going to be there, but at the moment I don't see a strong need for us to meet (please tell me before Monday if you feel otherwise). However I would be available to talk/help out with WG documents, if editors are there. >> >> Best Regards, >> Alexey, as a Kitten co-chair. >> >> >> _______________________________________________ >> Kitten mailing list >> Kitten@ietf.org >> https://www.ietf.org/mailman/listinfo/kitten > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten > From cantor.2@osu.edu Mon Jun 4 09:34:15 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14F6211E807F for ; Mon, 4 Jun 2012 09:34:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8wshlX0S6J+1 for ; Mon, 4 Jun 2012 09:34:14 -0700 (PDT) Received: from defang23.it.ohio-state.edu (defang23.it.ohio-state.edu [128.146.216.226]) by ietfa.amsl.com (Postfix) with ESMTP id 5403E11E8079 for ; Mon, 4 Jun 2012 09:34:14 -0700 (PDT) Received: from CIO-KRC-HT01.osuad.osu.edu (cio-krc-ht01.osuad.osu.edu [164.107.81.37]) by defang23.it.ohio-state.edu (8.13.1/8.13.1) with ESMTP id q54GY8Ub001263; Mon, 4 Jun 2012 12:34:11 -0400 Received: from CIO-KRC-D1MBX01.osuad.osu.edu ([fe80::450b:35e6:80f4:f3e0]) by CIO-KRC-HT01.osuad.osu.edu ([fe80::6d8f:7dea:5691:1620%12]) with mapi id 14.01.0355.002; Mon, 4 Jun 2012 12:33:29 -0400 From: "Cantor, Scott" To: Shawn Emery , "kwiereng@cisco.com" Thread-Topic: [kitten] WG meeting in Vancouver? Thread-Index: AQHNQCe2pJCtVBCu2UKeGU3EWWCNxJbobTkAgAIxgoD//8B8gA== Date: Mon, 4 Jun 2012 16:33:28 +0000 Message-ID: In-Reply-To: <4FCCE05D.20606@oracle.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [164.107.161.117] Content-Type: text/plain; charset="us-ascii" Content-ID: <08D8D7AD053BF94893B67DDA2160EAB3@exchange.osu.edu> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CanIt-Geo: ip=164.107.81.37; country=US; region=OH; city=Wooster; postalcode=44691; latitude=40.8077; longitude=-81.9730; metrocode=510; areacode=330; http://maps.google.com/maps?q=40.8077,-81.9730&z=6 X-CanItPRO-Stream: outbound X-Scanned-By: CanIt (www . roaringpenguin . com) on 128.146.216.226 Cc: "kitten@ietf.org" Subject: Re: [kitten] WG meeting in Vancouver? X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jun 2012 16:34:15 -0000 On 6/4/12 12:20 PM, "Shawn Emery" wrote: >On 06/ 3/12 12:51 AM, Klaas Wierenga (kwiereng) wrote: >> Would it be useful to spend some time around a whiteboard to discuss >>the various SAML/oauth/openid with/without channel bindings proposals to >>get as much alignment as possible? > >Do any of the other authors (Bill, Simon, or Scott) plan on attending >Vancouver? In any case, we haven't received enough justification to >hold a Vancouver meeting unless we hear otherwise by 5pm PDT today >(6/4/12). Tentatively, but it depends somewhat on which WGs are meeting. Two that I might normally attend aren't meeting (assuming Kitten doesn't), so I'm still debating. Note that nothing stops the various authors from conversing any time. I haven't put together a proposal for keying my mechanism just yet, but I haven't reached out to anybody else to collaborate on it mainly because I wasn't seeing much interest outside of myself (and ABFAB, but they get keying from EAP). Which is to say, somebody wants to talk about it, I'm available. -- Scott From simon@josefsson.org Mon Jun 4 13:25:14 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCA1811E80E6 for ; Mon, 4 Jun 2012 13:25:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -99.073 X-Spam-Level: X-Spam-Status: No, score=-99.073 tagged_above=-999 required=5 tests=[AWL=0.836, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, HELO_MISMATCH_COM=0.553, HOST_EQ_STATICB=1.372, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id knriBt5hs4Ea for ; Mon, 4 Jun 2012 13:25:14 -0700 (PDT) Received: from yxa-v.extundo.com (static-213-115-179-173.sme.bredbandsbolaget.se [213.115.179.173]) by ietfa.amsl.com (Postfix) with ESMTP id 80B6711E80C0 for ; Mon, 4 Jun 2012 13:25:12 -0700 (PDT) Received: from latte (static-213-115-179-130.sme.bredbandsbolaget.se [213.115.179.130]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id q54KOqi9006239 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 4 Jun 2012 22:24:54 +0200 From: Simon Josefsson To: Shawn Emery References: <4FC90F6F.6080103@isode.com> <4FCCE05D.20606__20767.7374747165$1338826928$gmane$org@oracle.com> OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:22:120604:kwiereng@cisco.com::ABiHcNsad/uQTyaC:8nXZ X-Hashcash: 1:22:120604:kitten@ietf.org::eG5W5OxsA4q7uPxa:92eK X-Hashcash: 1:22:120604:shawn.emery@oracle.com::9QbJhjNl5IN/lWO/:M6Ad Date: Mon, 04 Jun 2012 22:24:51 +0200 In-Reply-To: <4FCCE05D.20606__20767.7374747165$1338826928$gmane$org@oracle.com> (Shawn Emery's message of "Mon, 04 Jun 2012 10:20:45 -0600") Message-ID: <87ipf6u8oc.fsf@latte.josefsson.org> User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/23.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: clamav-milter 0.97.3 at yxa-v X-Virus-Status: Clean Cc: kitten@ietf.org, kwiereng@cisco.com Subject: Re: [kitten] WG meeting in Vancouver? X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jun 2012 20:25:15 -0000 Shawn Emery writes: > On 06/ 3/12 12:51 AM, Klaas Wierenga (kwiereng) wrote: >> Would it be useful to spend some time around a whiteboard to discuss >> the various SAML/oauth/openid with/without channel bindings >> proposals to get as much alignment as possible? > > Do any of the other authors (Bill, Simon, or Scott) plan on attending > Vancouver? In any case, we haven't received enough justification to > hold a Vancouver meeting unless we hear otherwise by 5pm PDT today > (6/4/12). I won't be in Vancouver, but I think Klaas idea of whiteboard time is generally a good one, it was useful at IIW to get me to think about the OAuth stuff. /Simon From hotz@jpl.nasa.gov Wed Jun 6 10:11:34 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 238C221F8685 for ; Wed, 6 Jun 2012 10:11:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.999 X-Spam-Level: X-Spam-Status: No, score=-5.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_23=0.6, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SgLUB9DPRUpH for ; Wed, 6 Jun 2012 10:11:33 -0700 (PDT) Received: from mail.jpl.nasa.gov (smtp.jpl.nasa.gov [128.149.139.105]) by ietfa.amsl.com (Postfix) with ESMTP id 8498C21F8675 for ; Wed, 6 Jun 2012 10:11:33 -0700 (PDT) Received: from [192.168.2.107] (adsl-99-41-56-221.dsl.lsan03.sbcglobal.net [99.41.56.221]) (authenticated (0 bits)) by smtp.jpl.nasa.gov (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q56HBOXg010660 (using TLSv1/SSLv3 with cipher AES128-SHA (128 bits) verified NO); Wed, 6 Jun 2012 10:11:25 -0700 Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: "Henry B. Hotz" In-Reply-To: <4FCF3F47.10205@cs.tcd.ie> Date: Wed, 6 Jun 2012 10:11:24 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: <4FC6AEDA.4010709@cs.tcd.ie> <4FCF3F47.10205@cs.tcd.ie> To: Stephen Farrell , kitten@ietf.org X-Mailer: Apple Mail (2.1084) X-Source-Sender: hotz@jpl.nasa.gov X-JPL-Spam-Score': 80% Cc: draft-hotz-kx509@tools.ietf.org, Nevil Brownlee Subject: Re: [kitten] RFC 5742 review of draft-hotz-kx509 X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2012 17:11:34 -0000 I'm cc'ing kitten, since the IANA registry in question is nominally a = gssapi, not a kerberos one. Your comment about the underscore is interesting. Since we're = documenting an existing protocol, the underscore is what it is. Should = we resolve the issue by requesting an exception, or by deleting the = request for an addition to the registry? I'd prefer an exception, but I'm OK either way. On Jun 6, 2012, at 4:30 AM, Stephen Farrell wrote: >=20 > Hi, >=20 > I've done my 5742 review of this and reckon that its doesn't > conflict with the planned work on the topic in the kerberos > WG, so I've put this on the June 21st IESG telechat agenda > for the other ADs to see if they agree or not. >=20 > Note that I also had some comments on the text itself. [1] > The authors/ISE might want to take a look at those in the > meantime, in particular the IANA registration comment. > (Authors - I think the right thing here is to do what the > ISE wants in terms of any possible revisions, but from > the IESG point of view, I'd guess changes you might want > to make to address those comments if made in the next week > wouldn't be a problem.) >=20 > Cheers, > Stephen. >=20 > [1] https://datatracker.ietf.org/doc/draft-hotz-kx509/writeup/ >=20 > On 05/31/2012 12:35 AM, Stephen Farrell wrote: >>=20 >> Hi, >>=20 >> The independent submissions editor (ISE) has asked the >> IESG to do an RFC 5742 review of this [1] document. >>=20 >> That review is to check that the publication of this >> independent stream submission would not conflict with >> IETF work. >>=20 >> In this case, the work is clearly related to the pkix >> and kerberos working groups, hence this mail. >>=20 >> Note: this mail is not a request for a technical review >> of the content, but rather asking if publication would >> somehow be damaging to the work of these wgs. (If you >> do have technical comments, send them to the author >> or ISE). If you're not sure about any of that, then >> read RFC 5742. [2] >>=20 >> I'll take silence as meaning that nobody thinks that >> there's a conflict. If someone thinks there is a >> conflict let me, the list, or the wg chairs know. In >> due course, I'll be doing my own evaluation as well >> of course, as will other IESG members. >>=20 >> Thanks, >> Stephen. >>=20 >> [1] http://tools.ietf.org/html/draft-hotz-kx509-04 >> [2] http://tools.ietf.org/html/rfc5742 >>=20 >> _______________________________________________ >> pkix mailing list >> pkix@ietf.org >> https://www.ietf.org/mailman/listinfo/pkix >>=20 >>=20 ------------------------------------------------------ The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From stephen.farrell@cs.tcd.ie Wed Jun 6 10:19:00 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DE3D21F86EE for ; Wed, 6 Jun 2012 10:19:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.269 X-Spam-Level: X-Spam-Status: No, score=-102.269 tagged_above=-999 required=5 tests=[AWL=-0.270, BAYES_00=-2.599, J_CHICKENPOX_23=0.6, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SzDoaSPw3Jeu for ; Wed, 6 Jun 2012 10:18:59 -0700 (PDT) Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 1102021F86E5 for ; Wed, 6 Jun 2012 10:18:58 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id C9E4D1714DE; Wed, 6 Jun 2012 18:18:57 +0100 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:in-reply-to:references :subject:mime-version:user-agent:from:date:message-id:received :received:x-virus-scanned; s=cs; t=1339003137; bh=9aPgo72mzd1Rzj XNIR9Px6NDjBlo1Q2ZiKkH3vJg2jc=; b=hDNgIrq+ijs/sb3pLT2TedhaRXX06n tMTuOgrqJPGF5AB5ACZXNVKPLug4vr8WIus2ftlaGXzSFKsSz/aoOhJJH3WDDu3H ivewyfeOvwA3zur9MlQOOaFz+oL8Le7P9ow51kV4CFK2te8w6qzW8eXdSlNELHjv tWBCEhZEdADD3YFI8csFvUy9nAFwA8m7LZEFotoqRpsZx5xb2x8yvt9bA9G0K/vR OUIYtIdIAu1s/NduhfEcenR3qFtbj/o+tvS9QBwD3GZEBq8ml4pYr4n3vzYJ/PXw CXJ40Zkv2eZeckyqplsIWp5flO3CHG/sEYgO0u3oHeA0QObfv27CryBw== X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id 431jJwQLBR98; Wed, 6 Jun 2012 18:18:57 +0100 (IST) Received: from [IPv6:2001:770:10:203:bd88:d721:7222:9395] (unknown [IPv6:2001:770:10:203:bd88:d721:7222:9395]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id ECD3F171479; Wed, 6 Jun 2012 18:18:51 +0100 (IST) Message-ID: <4FCF90FD.2050809@cs.tcd.ie> Date: Wed, 06 Jun 2012 18:18:53 +0100 From: Stephen Farrell User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20120430 Thunderbird/12.0.1 MIME-Version: 1.0 To: "Henry B. Hotz" References: <4FC6AEDA.4010709@cs.tcd.ie> <4FCF3F47.10205@cs.tcd.ie> In-Reply-To: X-Enigmail-Version: 1.4.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: kitten@ietf.org, draft-hotz-kx509@tools.ietf.org, Nevil Brownlee Subject: Re: [kitten] RFC 5742 review of draft-hotz-kx509 X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2012 17:19:00 -0000 Hi, On 06/06/2012 06:11 PM, Henry B. Hotz wrote: > I'm cc'ing kitten, since the IANA registry in question is nominally a gssapi, not a kerberos one. Thanks, I missed that. > Your comment about the underscore is interesting. Since we're documenting an existing protocol, the underscore is what it is. Should we resolve the issue by requesting an exception, or by deleting the request for an addition to the registry? I don't even know what requesting an exception might mean for an IANA registry to be honest. It sounds like a bunch of work for someone in any case;-) If you're ok with leaving it out, I suspect that might be the easier option all right. I suppose you could register without the illegal character and note in the text that current deployments use "_" and not "-" in the name but I'm not sure that'd be useful. S > > I'd prefer an exception, but I'm OK either way. > > On Jun 6, 2012, at 4:30 AM, Stephen Farrell wrote: > >> >> Hi, >> >> I've done my 5742 review of this and reckon that its doesn't >> conflict with the planned work on the topic in the kerberos >> WG, so I've put this on the June 21st IESG telechat agenda >> for the other ADs to see if they agree or not. >> >> Note that I also had some comments on the text itself. [1] >> The authors/ISE might want to take a look at those in the >> meantime, in particular the IANA registration comment. >> (Authors - I think the right thing here is to do what the >> ISE wants in terms of any possible revisions, but from >> the IESG point of view, I'd guess changes you might want >> to make to address those comments if made in the next week >> wouldn't be a problem.) >> >> Cheers, >> Stephen. >> >> [1] https://datatracker.ietf.org/doc/draft-hotz-kx509/writeup/ >> >> On 05/31/2012 12:35 AM, Stephen Farrell wrote: >>> >>> Hi, >>> >>> The independent submissions editor (ISE) has asked the >>> IESG to do an RFC 5742 review of this [1] document. >>> >>> That review is to check that the publication of this >>> independent stream submission would not conflict with >>> IETF work. >>> >>> In this case, the work is clearly related to the pkix >>> and kerberos working groups, hence this mail. >>> >>> Note: this mail is not a request for a technical review >>> of the content, but rather asking if publication would >>> somehow be damaging to the work of these wgs. (If you >>> do have technical comments, send them to the author >>> or ISE). If you're not sure about any of that, then >>> read RFC 5742. [2] >>> >>> I'll take silence as meaning that nobody thinks that >>> there's a conflict. If someone thinks there is a >>> conflict let me, the list, or the wg chairs know. In >>> due course, I'll be doing my own evaluation as well >>> of course, as will other IESG members. >>> >>> Thanks, >>> Stephen. >>> >>> [1] http://tools.ietf.org/html/draft-hotz-kx509-04 >>> [2] http://tools.ietf.org/html/rfc5742 >>> >>> _______________________________________________ >>> pkix mailing list >>> pkix@ietf.org >>> https://www.ietf.org/mailman/listinfo/pkix >>> >>> > > ------------------------------------------------------ > The opinions expressed in this message are mine, > not those of Caltech, JPL, NASA, or the US Government. > Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu > > > From nico@cryptonector.com Wed Jun 6 10:43:18 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC63B21F8897 for ; Wed, 6 Jun 2012 10:43:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.01 X-Spam-Level: X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[AWL=-0.633, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_23=0.6] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IdZXy6dl4nPq for ; Wed, 6 Jun 2012 10:43:17 -0700 (PDT) Received: from homiemail-a35.g.dreamhost.com (caiajhbdcbef.dreamhost.com [208.97.132.145]) by ietfa.amsl.com (Postfix) with ESMTP id 54F9521F8892 for ; Wed, 6 Jun 2012 10:43:17 -0700 (PDT) Received: from homiemail-a35.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a35.g.dreamhost.com (Postfix) with ESMTP id 04D365406F for ; Wed, 6 Jun 2012 10:43:17 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=cryptonector.com; h=mime-version :in-reply-to:references:date:message-id:subject:from:to:cc :content-type:content-transfer-encoding; q=dns; s= cryptonector.com; b=c9DZHPf2vkfZJI2n+UULp0Zqltx9tQNUYMrz8nQRidRz JIaJDLTvl9UzGggzJLnndfaI3PAhdZaY0QTXgJo0VVnGwarOPeMP9UAGmJpzrF+8 g4Boceecq1dpBSYMht9JnWdzWQ6md3f9uXD9DQF8xSCS9h6YyezbB5NxF9OwE9c= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type:content-transfer-encoding; s= cryptonector.com; bh=qT68MEpVVdws4BoQzi2RAlMC+6c=; b=IYeT00Ivh/5 Gji5UnoemZhvFxsTONoC8nDw0w3bvcJPuxmoa5BjiEy0g8FCktPCxjiq+EqZjVNQ fRC1KMTUSChlUVS/Fj8h6YCc2m5YwG3LQRezWcEcFfoe2B8soFPThVpKp6Y0VSuH D7pyLoXdHqcUMfdTuZnxYi9IGZE3LJBU= Received: from mail-pz0-f44.google.com (mail-pz0-f44.google.com [209.85.210.44]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a35.g.dreamhost.com (Postfix) with ESMTPSA id DDE2154058 for ; Wed, 6 Jun 2012 10:43:16 -0700 (PDT) Received: by dacx6 with SMTP id x6so8987591dac.31 for ; Wed, 06 Jun 2012 10:43:16 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.220.231 with SMTP id pz7mr17981929pbc.110.1339004596418; Wed, 06 Jun 2012 10:43:16 -0700 (PDT) Received: by 10.68.15.134 with HTTP; Wed, 6 Jun 2012 10:43:16 -0700 (PDT) In-Reply-To: References: <4FC6AEDA.4010709@cs.tcd.ie> <4FCF3F47.10205@cs.tcd.ie> Date: Wed, 6 Jun 2012 12:43:16 -0500 Message-ID: From: Nico Williams To: "Henry B. Hotz" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: kitten@ietf.org, draft-hotz-kx509@tools.ietf.org, Nevil Brownlee Subject: Re: [kitten] RFC 5742 review of draft-hotz-kx509 X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2012 17:43:18 -0000 On Wed, Jun 6, 2012 at 12:11 PM, Henry B. Hotz wrote: > I'm cc'ing kitten, since the IANA registry in question is nominally a gss= api, not a kerberos one. The registry being the service name registry, which IIRC includes the IANA port service names by implication. Anyways, no objection. > Your comment about the underscore is interesting. =C2=A0Since we're docum= enting an existing protocol, the underscore is what it is. =C2=A0Should we = resolve the issue by requesting an exception, or by deleting the request fo= r an addition to the registry? > > I'd prefer an exception, but I'm OK either way. I agree, it is what it is. We should make the exception. Nico -- From hotz@jpl.nasa.gov Wed Jun 6 11:00:38 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0838021F851A for ; Wed, 6 Jun 2012 11:00:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.799 X-Spam-Level: X-Spam-Status: No, score=-6.799 tagged_above=-999 required=5 tests=[AWL=-0.800, BAYES_00=-2.599, J_CHICKENPOX_23=0.6, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bjxiHGIJpWvT for ; Wed, 6 Jun 2012 11:00:37 -0700 (PDT) Received: from mail.jpl.nasa.gov (mailhost.jpl.nasa.gov [128.149.139.109]) by ietfa.amsl.com (Postfix) with ESMTP id 18F5821F84FF for ; Wed, 6 Jun 2012 11:00:37 -0700 (PDT) Received: from laphotz.jpl.nasa.gov (laphotz.jpl.nasa.gov [128.149.133.44]) (authenticated (0 bits)) by smtp.jpl.nasa.gov (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q56I0U8Z025267 (using TLSv1/SSLv3 with cipher AES128-SHA (128 bits) verified NO); Wed, 6 Jun 2012 11:00:31 -0700 Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: "Henry B. Hotz" In-Reply-To: <4FCF90FD.2050809@cs.tcd.ie> Date: Wed, 6 Jun 2012 11:00:29 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: <4FC6AEDA.4010709@cs.tcd.ie> <4FCF3F47.10205@cs.tcd.ie> <4FCF90FD.2050809@cs.tcd.ie> To: Stephen Farrell X-Mailer: Apple Mail (2.1084) X-Source-Sender: hotz@jpl.nasa.gov X-AUTH: Authorized Cc: kitten@ietf.org, draft-hotz-kx509@tools.ietf.org, Nevil Brownlee Subject: Re: [kitten] RFC 5742 review of draft-hotz-kx509 X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2012 18:00:38 -0000 On Jun 6, 2012, at 10:18 AM, Stephen Farrell wrote: > Hi, >=20 > On 06/06/2012 06:11 PM, Henry B. Hotz wrote: >> I'm cc'ing kitten, since the IANA registry in question is nominally a = gssapi, not a kerberos one. >=20 > Thanks, I missed that. >=20 >> Your comment about the underscore is interesting. Since we're = documenting an existing protocol, the underscore is what it is. Should = we resolve the issue by requesting an exception, or by deleting the = request for an addition to the registry? >=20 > I don't even know what requesting an exception might mean for > an IANA registry to be honest. It sounds like a bunch of work > for someone in any case;-) >=20 > If you're ok with leaving it out, I suspect that might be the > easier option all right. >=20 > I suppose you could register without the illegal character > and note in the text that current deployments use "_" and > not "-" in the name but I'm not sure that'd be useful. I'd rather not register than register the wrong thing. I'd just say in = the IANA section what the name is, and that the name isn't registered = because it doesn't meet the IANA requirements for the registry. In words we keep using more often than I like, we could fix this issue = in an incompatible upgrade to the protocol. > S >=20 >>=20 >> I'd prefer an exception, but I'm OK either way. >>=20 >> On Jun 6, 2012, at 4:30 AM, Stephen Farrell wrote: >>=20 >>>=20 >>> Hi, >>>=20 >>> I've done my 5742 review of this and reckon that its doesn't >>> conflict with the planned work on the topic in the kerberos >>> WG, so I've put this on the June 21st IESG telechat agenda >>> for the other ADs to see if they agree or not. >>>=20 >>> Note that I also had some comments on the text itself. [1] >>> The authors/ISE might want to take a look at those in the >>> meantime, in particular the IANA registration comment. >>> (Authors - I think the right thing here is to do what the >>> ISE wants in terms of any possible revisions, but from >>> the IESG point of view, I'd guess changes you might want >>> to make to address those comments if made in the next week >>> wouldn't be a problem.) >>>=20 >>> Cheers, >>> Stephen. >>>=20 >>> [1] https://datatracker.ietf.org/doc/draft-hotz-kx509/writeup/ >>>=20 >>> On 05/31/2012 12:35 AM, Stephen Farrell wrote: >>>>=20 >>>> Hi, >>>>=20 >>>> The independent submissions editor (ISE) has asked the >>>> IESG to do an RFC 5742 review of this [1] document. >>>>=20 >>>> That review is to check that the publication of this >>>> independent stream submission would not conflict with >>>> IETF work. >>>>=20 >>>> In this case, the work is clearly related to the pkix >>>> and kerberos working groups, hence this mail. >>>>=20 >>>> Note: this mail is not a request for a technical review >>>> of the content, but rather asking if publication would >>>> somehow be damaging to the work of these wgs. (If you >>>> do have technical comments, send them to the author >>>> or ISE). If you're not sure about any of that, then >>>> read RFC 5742. [2] >>>>=20 >>>> I'll take silence as meaning that nobody thinks that >>>> there's a conflict. If someone thinks there is a >>>> conflict let me, the list, or the wg chairs know. In >>>> due course, I'll be doing my own evaluation as well >>>> of course, as will other IESG members. >>>>=20 >>>> Thanks, >>>> Stephen. >>>>=20 >>>> [1] http://tools.ietf.org/html/draft-hotz-kx509-04 >>>> [2] http://tools.ietf.org/html/rfc5742 >>>>=20 >>>> _______________________________________________ >>>> pkix mailing list >>>> pkix@ietf.org >>>> https://www.ietf.org/mailman/listinfo/pkix >>>>=20 >>>>=20 >>=20 >> ------------------------------------------------------ >> The opinions expressed in this message are mine, >> not those of Caltech, JPL, NASA, or the US Government. >> Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu >>=20 >>=20 >>=20 ------------------------------------------------------ The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From nico@cryptonector.com Wed Jun 6 11:08:19 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1F2421F87DF for ; Wed, 6 Jun 2012 11:08:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.262 X-Spam-Level: X-Spam-Status: No, score=-2.262 tagged_above=-999 required=5 tests=[AWL=-0.285, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2OW+CwxSIlaL for ; Wed, 6 Jun 2012 11:08:19 -0700 (PDT) Received: from homiemail-a98.g.dreamhost.com (caiajhbdcbbj.dreamhost.com [208.97.132.119]) by ietfa.amsl.com (Postfix) with ESMTP id 88F7B21F877A for ; Wed, 6 Jun 2012 11:08:19 -0700 (PDT) Received: from homiemail-a98.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a98.g.dreamhost.com (Postfix) with ESMTP id 008D82C20E5 for ; Wed, 6 Jun 2012 11:02:50 -0700 (PDT) Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a98.g.dreamhost.com (Postfix) with ESMTPSA id 1EAF82C2174 for ; Wed, 6 Jun 2012 10:45:32 -0700 (PDT) Received: by pbcwy7 with SMTP id wy7so9172603pbc.31 for ; Wed, 06 Jun 2012 10:45:30 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.224.233 with SMTP id rf9mr14709905pbc.141.1339004730693; Wed, 06 Jun 2012 10:45:30 -0700 (PDT) Received: by 10.68.15.134 with HTTP; Wed, 6 Jun 2012 10:45:30 -0700 (PDT) In-Reply-To: <4FCF90FD.2050809@cs.tcd.ie> References: <4FC6AEDA.4010709@cs.tcd.ie> <4FCF3F47.10205@cs.tcd.ie> <4FCF90FD.2050809@cs.tcd.ie> Date: Wed, 6 Jun 2012 12:45:30 -0500 Message-ID: From: Nico Williams To: Stephen Farrell Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: kitten@ietf.org, draft-hotz-kx509@tools.ietf.org, "Henry B. Hotz" , Nevil Brownlee Subject: Re: [kitten] RFC 5742 review of draft-hotz-kx509 X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2012 18:08:20 -0000 On Wed, Jun 6, 2012 at 12:18 PM, Stephen Farrell wrote: > On 06/06/2012 06:11 PM, Henry B. Hotz wrote: >> Your comment about the underscore is interesting. =C2=A0Since we're docu= menting an existing protocol, the underscore is what it is. =C2=A0Should we= resolve the issue by requesting an exception, or by deleting the request f= or an addition to the registry? > > I don't even know what requesting an exception might mean for > an IANA registry to be honest. It sounds like a bunch of work > for someone in any case;-) My guess is that when the IANA looks at this I-D on the RFC-Editor queue they'll point this out, at which point the author(s) will point out the need for an exception, which IANA should probably take to require comment/consensus from KITTEN WG, which surely will be easy to obtain. > If you're ok with leaving it out, I suspect that might be the > easier option all right. > > I suppose you could register without the illegal character > and note in the text that current deployments use "_" and > not "-" in the name but I'm not sure that'd be useful. I'd rather the registry reflect reality :/ Let's try that first. Nico -- From nico@cryptonector.com Wed Jun 6 13:11:43 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4019E21F8661 for ; Wed, 6 Jun 2012 13:11:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.241 X-Spam-Level: X-Spam-Status: No, score=-2.241 tagged_above=-999 required=5 tests=[AWL=-0.264, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BwVpK0eawXFl for ; Wed, 6 Jun 2012 13:11:42 -0700 (PDT) Received: from homiemail-a29.g.dreamhost.com (caiajhbdccah.dreamhost.com [208.97.132.207]) by ietfa.amsl.com (Postfix) with ESMTP id B4DD521F8658 for ; Wed, 6 Jun 2012 13:11:42 -0700 (PDT) Received: from homiemail-a29.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTP id 64688674084 for ; Wed, 6 Jun 2012 13:11:42 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=cryptonector.com; h=mime-version :in-reply-to:references:date:message-id:subject:from:to:cc: content-type; q=dns; s=cryptonector.com; b=PQW85i/TmqdlyBpN7CGlb Mar4KWiK8d4QjRvYcBPKbJkBOsBLRwcsSqFKFfPNpJfefpDQ7kxSzm9FlhB9IthE uQmf4f3g8ZqR+KKiYL5UGdaW6aPLYECbCzbt6NTyrrm2x0ucNOXSpIFeRqa/DPTM CmdW4/d/QqmLdTuwRnABSI= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=7F+hD4WGTS3ueEVbkqjD LtiTko0=; b=lzEGveUyrXivy0K0ActVGnKmnh4ePpNrdHgYTBigLONHHdgKMfMF IfZFFeIyCdsDr4WdAUjUfTgsojVphEIDea5LuZJD1vjEOLh1yUasWquCaCtsE2Ys mu/l3WT+Lw1WRZfmtdTYjaOdV0LVI6bR71aBQtlBP/teTtU2z86iX9s= Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTPSA id 49F56674060 for ; Wed, 6 Jun 2012 13:11:40 -0700 (PDT) Received: by pbcwy7 with SMTP id wy7so856pbc.31 for ; Wed, 06 Jun 2012 13:11:38 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.202.130 with SMTP id ki2mr353227pbc.52.1339013498369; Wed, 06 Jun 2012 13:11:38 -0700 (PDT) Received: by 10.68.15.134 with HTTP; Wed, 6 Jun 2012 13:11:38 -0700 (PDT) In-Reply-To: References: <4FC6AEDA.4010709@cs.tcd.ie> <4FCF3F47.10205@cs.tcd.ie> <4FCF90FD.2050809@cs.tcd.ie> Date: Wed, 6 Jun 2012 15:11:38 -0500 Message-ID: From: Nico Williams To: "Henry B. Hotz" Content-Type: text/plain; charset=UTF-8 Cc: kitten@ietf.org, draft-hotz-kx509@tools.ietf.org, Nevil Brownlee Subject: Re: [kitten] RFC 5742 review of draft-hotz-kx509 X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jun 2012 20:11:43 -0000 Agreed, there's no need to register this service name, so if it's too muc trouble, then don't. From stephen.farrell@cs.tcd.ie Wed Jun 6 17:58:19 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77D3911E808D for ; Wed, 6 Jun 2012 17:58:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.556 X-Spam-Level: X-Spam-Status: No, score=-102.556 tagged_above=-999 required=5 tests=[AWL=0.043, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6359u7aRFG9E for ; Wed, 6 Jun 2012 17:58:18 -0700 (PDT) Received: from scss.tcd.ie (hermes.scss.tcd.ie [IPv6:2001:770:10:200:889f:cdff:fe8d:ccd2]) by ietfa.amsl.com (Postfix) with ESMTP id 9B41911E8087 for ; Wed, 6 Jun 2012 17:58:18 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id D81E01714DD for ; Thu, 7 Jun 2012 01:58:17 +0100 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-type:in-reply-to:references:subject:mime-version :user-agent:from:date:message-id:received:received: x-virus-scanned; s=cs; t=1339030697; bh=L7Ax6PEGt5mvxBvatTdsiv1N 2mSGZrJM8mmY0RCoR1k=; b=MY/8QzegGc9cJppc33A9fAIgEo9pCltZStKFUDrZ fenNDivhwibZBD1VpFIvfCyEtYSmA9BA2dVIJAHXLDvlRetmylJ5BeVgaSBwyb1N LD8eptdtrHgjM5tq9oq1Yx9krsr5pu9hby5qpUIKTf/jw8zB+SLmk7I2Y9MzzWnL XEElm0AgIwsWV7PXIxALr1if+3tyGmdTCE2m1dMm93c0b5N7ApuzIDksuCX3N9fc nbq9AYmhVUWxylOgR1RX+p50OvVX/jvRyrAJvHRrgCFMK8RjX6oOR77um4JMFcZB h0QJQ/BJi2Wuk3SKkNpDzjKpUCUGY0OgazZITwMDuvEpMg== X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from scss.tcd.ie ([127.0.0.1]) by localhost (scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id adnk0xH7fK+f for ; Thu, 7 Jun 2012 01:58:17 +0100 (IST) Received: from [10.87.48.8] (unknown [86.44.77.44]) by smtp.scss.tcd.ie (Postfix) with ESMTPSA id 6805A171479 for ; Thu, 7 Jun 2012 01:58:17 +0100 (IST) Message-ID: <4FCFFCA9.2020204@cs.tcd.ie> Date: Thu, 07 Jun 2012 01:58:17 +0100 From: Stephen Farrell User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20120430 Thunderbird/12.0.1 MIME-Version: 1.0 To: kitten@ietf.org References: <20120607005602.40DFCB1E007@rfc-editor.org> In-Reply-To: <20120607005602.40DFCB1E007@rfc-editor.org> X-Enigmail-Version: 1.4.2 X-Forwarded-Message-Id: <20120607005602.40DFCB1E007@rfc-editor.org> Content-Type: multipart/mixed; boundary="------------070208000103090302010303" Subject: [kitten] Fwd: [Editorial Errata Reported] RFC5056 (3247) X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 00:58:19 -0000 This is a multi-part message in MIME format. --------------070208000103090302010303 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Any opinions on tihs? Ta, S -------- Original Message -------- Subject: [Editorial Errata Reported] RFC5056 (3247) Date: Wed, 6 Jun 2012 17:56:02 -0700 (PDT) From: RFC Errata System To: Nicolas.Williams@sun.com, iesg@ietf.org CC: rfc-editor@rfc-editor.org, zhou.sujing@zte.com.cn The following errata report has been submitted for RFC5056, "On the Use of Channel Bindings to Secure Channels". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=5056&eid=3247 -------------------------------------- Type: Editorial Reported by: Mistype in definition Section: 2 Original Text ------------- there are no MITMs between the two end-points at that higher network layer. Corrected Text -------------- there are no MITMs between the two end-points at that lower network layer. Notes ----- Instructions: ------------- This errata is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC5056 (draft-williams-on-channel-binding-04) -------------------------------------- Title : On the Use of Channel Bindings to Secure Channels Publication Date : November 2007 Author(s) : N. Williams Category : PROPOSED STANDARD Source : IETF - NON WORKING GROUP Area : N/A Stream : IETF Verifying Party : IESG --------------070208000103090302010303 Content-Type: text/plain; charset=UTF-8; name="Attached Message Part" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Attached Message Part" --------------070208000103090302010303-- From nico@cryptonector.com Wed Jun 6 19:23:41 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4ABEA11E8102 for ; Wed, 6 Jun 2012 19:23:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.208 X-Spam-Level: X-Spam-Status: No, score=-2.208 tagged_above=-999 required=5 tests=[AWL=-0.231, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MhI0ltB-Kl+Y for ; Wed, 6 Jun 2012 19:23:40 -0700 (PDT) Received: from homiemail-a36.g.dreamhost.com (caiajhbdcbef.dreamhost.com [208.97.132.145]) by ietfa.amsl.com (Postfix) with ESMTP id D0B7A11E80C1 for ; Wed, 6 Jun 2012 19:23:40 -0700 (PDT) Received: from homiemail-a36.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a36.g.dreamhost.com (Postfix) with ESMTP id 90A6977805B for ; Wed, 6 Jun 2012 19:23:40 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=cryptonector.com; h=mime-version :in-reply-to:references:date:message-id:subject:from:to:cc: content-type; q=dns; s=cryptonector.com; b=rEeIIXE3lmPRIoA2lOOp8 z3Txtz/PzabTtKaU6qX34DQixtTtdxu3jE5wmJo4UmVdorxNU7/9Qzkhmso2y9xZ JqGOFkudVM8wBiIYINeVXDcuQlha9nyALmoyWx7OiVBA9YmCLbP1Vpmo2NKU1Mx/ B51B8n5RJGz7wnDPqKex8o= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=D8iS79b91TfcNjEEiEMH QPyGVrU=; b=fE4RUESqwLooZ8/4G7Z2asZpBBbO/KRUF6dmlWreksRsY/7Ebh8M 8oZ2ey/SZLtAxdm/hmdbTJNMLOSIwmIJIA6uNQNSHv84+/BVbjftUf+Yv1Rs9Us3 3Ba45UAgqQrLJJ54vtsu0a3UXTR9QEXG1l0Qa/0RJnHOWqMJqgJWoU0= Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a36.g.dreamhost.com (Postfix) with ESMTPSA id 80A7977801F for ; Wed, 6 Jun 2012 19:23:40 -0700 (PDT) Received: by pbcwy7 with SMTP id wy7so338193pbc.31 for ; Wed, 06 Jun 2012 19:23:40 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.136.68 with SMTP id py4mr2679499pbb.151.1339035499446; Wed, 06 Jun 2012 19:18:19 -0700 (PDT) Received: by 10.68.15.134 with HTTP; Wed, 6 Jun 2012 19:18:19 -0700 (PDT) In-Reply-To: <4FCFFCA9.2020204@cs.tcd.ie> References: <20120607005602.40DFCB1E007@rfc-editor.org> <4FCFFCA9.2020204@cs.tcd.ie> Date: Wed, 6 Jun 2012 21:18:19 -0500 Message-ID: From: Nico Williams To: Stephen Farrell Content-Type: text/plain; charset=UTF-8 Cc: kitten@ietf.org Subject: Re: [kitten] Fwd: [Editorial Errata Reported] RFC5056 (3247) X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 02:23:41 -0000 On Wed, Jun 6, 2012 at 7:58 PM, Stephen Farrell wrote: > Any opinions on tihs? The erratum reported is indeed an error in the original. Nico -- From stpeter@stpeter.im Thu Jun 7 08:04:03 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C879611E8086 for ; Thu, 7 Jun 2012 08:04:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.806 X-Spam-Level: X-Spam-Status: No, score=-102.806 tagged_above=-999 required=5 tests=[AWL=-0.207, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BhsZPg1r3J7R for ; Thu, 7 Jun 2012 08:04:02 -0700 (PDT) Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 4EB2111E8089 for ; Thu, 7 Jun 2012 08:04:02 -0700 (PDT) Received: from [64.101.72.115] (unknown [64.101.72.115]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 042E2400EE; Thu, 7 Jun 2012 09:20:54 -0600 (MDT) Message-ID: <4FD0BD68.1070805@stpeter.im> Date: Thu, 07 Jun 2012 08:40:40 -0600 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20120601 Thunderbird/13.0 MIME-Version: 1.0 To: William Mills References: <20120530190226.12880.56537.idtracker@ietfa.amsl.com> <1338415028.63249.YahooMailNeo@web31802.mail.mud.yahoo.com> In-Reply-To: <1338415028.63249.YahooMailNeo@web31802.mail.mud.yahoo.com> X-Enigmail-Version: 1.4.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: "kitten@ietf.org" Subject: Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 15:04:03 -0000 Hi Bill, The new key-value syntax seems preferable to me. One small point: did you mean to reference RFC 2234 for ABNF instead of RFC 5234? I'll take time to review it more carefully soon. Peter On 5/30/12 3:57 PM, William Mills wrote: > This draft rips out the HTTP style format and in band discovery. > Feedback would be very welcome. > > Many thanks to Alexey for helping me get this posted. > > -bill > > > ------------------------------------------------------------------------ > *From:* "internet-drafts@ietf.org" > *To:* i-d-announce@ietf.org > *Cc:* kitten@ietf.org > *Sent:* Wednesday, May 30, 2012 12:02 PM > *Subject:* [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. This draft is a work item of the Common Authentication > Technology Next Generation Working Group of the IETF. > > Title : A SASL and GSS-API Mechanism for OAuth > Author(s) : William Mills > Tim Showalter > Hannes Tschofenig > Filename : draft-ietf-kitten-sasl-oauth-01.txt > Pages : 21 > Date : 2012-05-30 > > OAuth enables a third-party application to obtain limited access to a > protected resource, either on behalf of a resource owner by > orchestrating an approval interaction, or by allowing the third-party > application to obtain access on its own behalf. > > This document defines how an application client uses OAuth over the > Simple Authentication and Security Layer (SASL) or the Generic > Security Service Application Program Interface (GSS-API) to access a > protected resource at a resource serve. Thereby, it enables schemes > defined within the OAuth framework for non-HTTP-based application > protocols. > > Clients typically store the user's long term credential. This does, > however, lead to significant security vulnerabilities, for example, > when such a credential leaks. A significant benefit of OAuth for > usage in those clients is that the password is replaced by a token. > Tokens typically provided limited access rights and can be managed > and revoked separately from the user's long-term credential > (password). > > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-kitten-sasl-oauth-01.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > This Internet-Draft can be retrieved at: > ftp://ftp.ietf.org/internet-drafts/draft-ietf-kitten-sasl-oauth-01.txt > > The IETF datatracker page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/ > > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten > > > > > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten > From wmills@yahoo-inc.com Thu Jun 7 08:21:10 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B706021F867F for ; Thu, 7 Jun 2012 08:21:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.145 X-Spam-Level: X-Spam-Status: No, score=-17.145 tagged_above=-999 required=5 tests=[AWL=0.453, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OOX6LXifGrHL for ; Thu, 7 Jun 2012 08:21:09 -0700 (PDT) Received: from nm5.bullet.mail.sp2.yahoo.com (nm5.bullet.mail.sp2.yahoo.com [98.139.91.75]) by ietfa.amsl.com (Postfix) with SMTP id 0958421F8726 for ; Thu, 7 Jun 2012 08:21:08 -0700 (PDT) Received: from [72.30.22.93] by nm5.bullet.mail.sp2.yahoo.com with NNFMP; 07 Jun 2012 15:21:08 -0000 Received: from [98.139.91.52] by tm15.bullet.mail.sp2.yahoo.com with NNFMP; 07 Jun 2012 15:21:08 -0000 Received: from [127.0.0.1] by omp1052.mail.sp2.yahoo.com with NNFMP; 07 Jun 2012 15:21:08 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 354523.63280.bm@omp1052.mail.sp2.yahoo.com Received: (qmail 24076 invoked by uid 60001); 7 Jun 2012 15:21:07 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1339082467; bh=ltLCxGeSiD9na6PMgvdVLiLUEZiMkOByEMdWpSyBoLk=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=GRVOziLbCfHWdBT7RhHxrD3u09EeRWJzGkQhStLKdC89Q9yMA3QUHapelvMTVl2ovCeZmSBGoeKw2+fCoDs0RlGHB0/g8tNauo/IdrY5lKH/TdvAAbNY+xrrEPcGlUNvFWjTeI0iHFWtdpuRD61gkGteD+1epYSKk8USEC2JgTM= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=BMi/JC42O/DOLaU/Lrg2MUX6LaMBF6ofr2acWFNYvf+m6WMqtIok2Xfgt8m5vxqtRiFgjTDELKPmRSUKj0qwcfsQjeSWRnZaU9dedlOviXqjXoU2DSEahOG/yMnR0yd/bbyWZ+IoDpYSR75U+LXZEXNBzRyJVL+k4s/89TAqWkM=; X-YMail-OSG: RDe7vTMVM1koLeH4uJvP.qrlmEql3y9z7plXHFutOv3SzSX EccTc4_4U0g1.5aPFk2nW_xIweBL7jngXDx3Pt4mQrfaOKXlWBa1p7epLcYR 2Mx4LDazPSt.JTZOH6A7WY9aLHc8vcRjpUlErryMlDEMSYcwK0EbrB0Dojhx jIZi3MPkmo_K6Ety03K_rHqP_UZhnrGCr7SDOnBOCkuzNdhMYtneACf2WnB2 zl0IRuFcl2tbMf7hYmyNgsoVacZEKV8A8wTdyhimlAxbHN1ds7cjprQFqlNZ 5vqXg5wrl.BLLTG9z0j56zxVeirJmmOBCtPWQzk20XSzZWDi4ewLj_H0uWTf VVeRNCGV0VZZx3PwpRYdPI3obBG07sV4b3im2v7XxjxzIGDJkalxftS0ZEH1 SDun8Zfm15pJCLlCMmOEBakXFyo_XBgZqxFd8eKIHeRIW9sqgvQs- Received: from [209.131.62.115] by web31804.mail.mud.yahoo.com via HTTP; Thu, 07 Jun 2012 08:21:07 PDT X-RocketYMMF: william_john_mills X-Mailer: YahooMailWebService/0.8.118.349524 References: <20120530190226.12880.56537.idtracker@ietfa.amsl.com> <1338415028.63249.YahooMailNeo@web31802.mail.mud.yahoo.com> <4FD0BD68.1070805@stpeter.im> Message-ID: <1339082467.20834.YahooMailNeo@web31804.mail.mud.yahoo.com> Date: Thu, 7 Jun 2012 08:21:07 -0700 (PDT) From: William Mills To: Peter Saint-Andre In-Reply-To: <4FD0BD68.1070805@stpeter.im> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="835683298-1610391081-1339082467=:20834" Cc: "kitten@ietf.org" Subject: Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: William Mills List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 15:21:10 -0000 --835683298-1610391081-1339082467=:20834 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable I don't know the differences between the two, but for what I was referencin= g it's defined in both 2234 and 5234.=A0 Does it matter which one I use?=0A= =0A=0A=0A=0A>________________________________=0A> From: Peter Saint-Andre <= stpeter@stpeter.im>=0A>To: William Mills =0A>Cc: "ki= tten@ietf.org" =0A>Sent: Thursday, June 7, 2012 7:40 AM= =0A>Subject: Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt= =0A> =0A>Hi Bill,=0A>=0A>The new key-value syntax seems preferable to me. O= ne small point: did=0A>you mean to reference RFC 2234 for ABNF instead of R= FC 5234?=0A>=0A>I'll take time to review it more carefully soon.=0A>=0A>Pet= er=0A>=0A>On 5/30/12 3:57 PM, William Mills wrote:=0A>> This draft rips out= the HTTP style format and in band discovery. =0A>> Feedback would be very = welcome.=0A>> =0A>> Many thanks to Alexey for helping me get this posted.= =0A>> =0A>> -bill=0A>> =0A>> =0A>>=A0 =A0 --------------------------------= ----------------------------------------=0A>>=A0 =A0 *From:* "internet-dra= fts@ietf.org" =0A>>=A0 =A0 *To:* i-d-announce@ie= tf.org=0A>>=A0 =A0 *Cc:* kitten@ietf.org=0A>>=A0 =A0 *Sent:* Wednesday, M= ay 30, 2012 12:02 PM=0A>>=A0 =A0 *Subject:* [kitten] I-D Action: draft-iet= f-kitten-sasl-oauth-01.txt=0A>> =0A>> =0A>>=A0 =A0 A New Internet-Draft is= available from the on-line Internet-Drafts=0A>>=A0 =A0 directories. This = draft is a work item of the Common Authentication=0A>>=A0 =A0 Technology N= ext Generation Working Group of the IETF.=0A>> =0A>>=A0 =A0 =A0 =A0 Title= =A0 =A0 =A0 =A0 =A0 : A SASL and GSS-API Mechanism for OAuth=0A>>=A0 =A0 = =A0 =A0 Author(s)=A0 =A0 =A0 : William Mills=0A>>=A0 =A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Tim Showalter=0A>>=A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Hannes Tschofenig=0A>>=A0 =A0 =A0 = =A0 Filename=A0 =A0 =A0 =A0 : draft-ietf-kitten-sasl-oauth-01.txt=0A>>=A0 = =A0 =A0 =A0 Pages=A0 =A0 =A0 =A0 =A0 : 21=0A>>=A0 =A0 =A0 =A0 Date=A0 =A0= =A0 =A0 =A0 =A0 : 2012-05-30=0A>> =0A>>=A0 =A0 =A0 OAuth enables a third-= party application to obtain limited access to a=0A>>=A0 =A0 =A0 protected = resource, either on behalf of a resource owner by=0A>>=A0 =A0 =A0 orchestr= ating an approval interaction, or by allowing the third-party=0A>>=A0 =A0 = =A0 application to obtain access on its own behalf.=0A>> =0A>>=A0 =A0 =A0 = This document defines how an application client uses OAuth over the=0A>>= =A0 =A0 =A0 Simple Authentication and Security Layer (SASL) or the Generic= =0A>>=A0 =A0 =A0 Security Service Application Program Interface (GSS-API) = to access a=0A>>=A0 =A0 =A0 protected resource at a resource serve.=A0 The= reby, it enables schemes=0A>>=A0 =A0 =A0 defined within the OAuth framewor= k for non-HTTP-based application=0A>>=A0 =A0 =A0 protocols.=0A>> =0A>>=A0 = =A0 =A0 Clients typically store the user's long term credential.=A0 This d= oes,=0A>>=A0 =A0 =A0 however, lead to significant security vulnerabilities= , for example,=0A>>=A0 =A0 =A0 when such a credential leaks.=A0 A signific= ant benefit of OAuth for=0A>>=A0 =A0 =A0 usage in those clients is that th= e password is replaced by a token.=0A>>=A0 =A0 =A0 Tokens typically provid= ed limited access rights and can be managed=0A>>=A0 =A0 =A0 and revoked se= parately from the user's long-term credential=0A>>=A0 =A0 =A0 (password).= =0A>> =0A>> =0A>>=A0 =A0 A URL for this Internet-Draft is:=0A>>=A0 =A0 ht= tp://www.ietf.org/internet-drafts/draft-ietf-kitten-sasl-oauth-01.txt=0A>> = =0A>>=A0 =A0 Internet-Drafts are also available by anonymous FTP at:=0A>>= =A0 =A0 ftp://ftp.ietf.org/internet-drafts/=0A>> =0A>>=A0 =A0 This Interne= t-Draft can be retrieved at:=0A>>=A0 =A0 ftp://ftp.ietf.org/internet-drafts= /draft-ietf-kitten-sasl-oauth-01.txt=0A>> =0A>>=A0 =A0 The IETF datatracke= r page for this Internet-Draft is:=0A>>=A0 =A0 https://datatracker.ietf.org= /doc/draft-ietf-kitten-sasl-oauth/=0A>> =0A>>=A0 =A0 _____________________= __________________________=0A>>=A0 =A0 Kitten mailing list=0A>>=A0 =A0 Kit= ten@ietf.org =0A>>=A0 =A0 https://www.ietf.org/mail= man/listinfo/kitten=0A>> =0A>> =0A>> =0A>> =0A>> __________________________= _____________________=0A>> Kitten mailing list=0A>> Kitten@ietf.org=0A>> ht= tps://www.ietf.org/mailman/listinfo/kitten=0A>> =0A>=0A>=0A> --835683298-1610391081-1339082467=:20834 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable
I don't know the differences between the two, but for what I was referenc= ing it's defined in both 2234 and 5234.  Does it matter which one I us= e?

From:= Peter Saint-Andre <stpeter@stpeter.im>
To: William Mills <wmills@yahoo-inc.com> =
Cc: "kitten@ietf.org" <kitten@ietf.org>
Sent: Thursday, June 7, 2012 7:40 AM
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-sasl= -oauth-01.txt

=0AHi Bill,

The new key-value s= yntax seems preferable to me. One small point: did
you mean to reference= RFC 2234 for ABNF instead of RFC 5234?

I'll take time to review it = more carefully soon.

Peter

On 5/30/12 3:57 PM, William Mills = wrote:
> This draft rips out the HTTP style format and in band discov= ery.
> Feedback would be very welcome.
>
> Many thanks = to Alexey for helping me get this posted.
>
> -bill
> >
>    ---------------------------------------------= ---------------------------
>    *From:* "int= ernet-drafts@ietf.org" <internet-drafts@ietf.org>= ;
>    *To:* i-d-announce@ietf.org
>&nb= sp;   *Cc:* kitten@ietf.org
>    *Sent:* Wednesday, M= ay 30, 2012 12:02 PM
>    *Subject:* [kitten] I-D Action: = draft-ietf-kitten-sasl-oauth-01.txt
>
>
>    = A New Internet-Draft is available from the on-line Internet-Drafts
>=     directories. This draft is a work item of the Common Authent= ication
>    Technology Next Generation Working Group of t= he IETF.
>
>        Title    &n= bsp;     : A SASL and GSS-API Mechanism for OAuth
>  &= nbsp;     Author(s)      : William Mills
>&= nbsp;                    =         Tim Showalter
>                          &nbs= p;   Hannes Tschofenig
>        Filename&n= bsp;       : draft-ietf-kitten-sasl-oauth-01.txt
>&nbs= p;       Pages          : 21
&g= t;        Date           = ; : 2012-05-30
>
>      OAuth enables a third-= party application to obtain limited access to a
>     = protected resource, either on behalf of a resource owner by
> =     orchestrating an approval interaction, or by allowing the t= hird-party
>      application to obtain access on its= own behalf.
>
>      This document defines ho= w an application client uses OAuth over the
>      Si= mple Authentication and Security Layer (SASL) or the Generic
>      Security Service Application Program = Interface (GSS-API) to access a
>      protected reso= urce at a resource serve.  Thereby, it enables schemes
>  &= nbsp;   defined within the OAuth framework for non-HTTP-based applica= tion
>      protocols.
>
>    =   Clients typically store the user's long term credential.  This= does,
>      however, lead to significant security v= ulnerabilities, for example,
>      when such a crede= ntial leaks.  A significant benefit of OAuth for
>    =   usage in those clients is that the password is replaced by a token.=
>      Tokens typically provided limited access righ= ts and can be managed
>      and revoked separately f= rom the user's long-term credential
>     =20 (password).
>
>
>    A URL for this Interne= t-Draft is:
>    http://www.ietf.org/internet-drafts/draft= -ietf-kitten-sasl-oauth-01.txt
>
>    Internet-Draf= ts are also available by anonymous FTP at:
>    ftp://ftp.ietf.org/= internet-drafts/
>
>    This Internet-Draft can= be retrieved at:
>    ftp://ftp= .ietf.org/internet-drafts/draft-ietf-kitten-sasl-oauth-01.txt
> <= br>>    The IETF datatracker page for this Internet-Draft is:=
>    https://datatracker.ietf.org/doc/d= raft-ietf-kitten-sasl-oauth/
>
>   =20 _______________________________________________
>    Kitt= en mailing list
>    Kitten@ietf.org <mailto:Kitten@ietf.org= >
>    https://www.ietf.org/mailman/listinfo/kitten=
>
>
>
>
> __________________________= _____________________
> Kitten mailing list
> Kitten@ietf.org> https://www.ietf.org/mailman/listinfo/kitten
>


=
--835683298-1610391081-1339082467=:20834-- From stpeter@stpeter.im Thu Jun 7 08:27:24 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9A7A21F86F5 for ; Thu, 7 Jun 2012 08:27:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.802 X-Spam-Level: X-Spam-Status: No, score=-102.802 tagged_above=-999 required=5 tests=[AWL=-0.203, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nDO1oaMuvNJx for ; Thu, 7 Jun 2012 08:27:24 -0700 (PDT) Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 8782821F8743 for ; Thu, 7 Jun 2012 08:27:22 -0700 (PDT) Received: from [64.101.72.115] (unknown [64.101.72.115]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 48BD1400A4; Thu, 7 Jun 2012 09:44:15 -0600 (MDT) Message-ID: <4FD0C858.6050802@stpeter.im> Date: Thu, 07 Jun 2012 09:27:20 -0600 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20120601 Thunderbird/13.0 MIME-Version: 1.0 To: William Mills References: <20120530190226.12880.56537.idtracker@ietfa.amsl.com> <1338415028.63249.YahooMailNeo@web31802.mail.mud.yahoo.com> <4FD0BD68.1070805@stpeter.im> <1339082467.20834.YahooMailNeo@web31804.mail.mud.yahoo.com> In-Reply-To: <1339082467.20834.YahooMailNeo@web31804.mail.mud.yahoo.com> X-Enigmail-Version: 1.4.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: "kitten@ietf.org" Subject: Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 15:27:25 -0000 In general we cite the latest version unless you really need a definition that's provided in the earlier version (which I doubt). On 6/7/12 9:21 AM, William Mills wrote: > I don't know the differences between the two, but for what I was > referencing it's defined in both 2234 and 5234. Does it matter which > one I use? > > ------------------------------------------------------------------------ > *From:* Peter Saint-Andre > *To:* William Mills > *Cc:* "kitten@ietf.org" > *Sent:* Thursday, June 7, 2012 7:40 AM > *Subject:* Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt > > Hi Bill, > > The new key-value syntax seems preferable to me. One small point: did > you mean to reference RFC 2234 for ABNF instead of RFC 5234? > > I'll take time to review it more carefully soon. > > Peter > > On 5/30/12 3:57 PM, William Mills wrote: > > This draft rips out the HTTP style format and in band discovery. > > Feedback would be very welcome. > > > > Many thanks to Alexey for helping me get this posted. > > > > -bill > > > > > > > ------------------------------------------------------------------------ > > *From:* "internet-drafts@ietf.org > " > > > *To:* i-d-announce@ietf.org > > *Cc:* kitten@ietf.org > > *Sent:* Wednesday, May 30, 2012 12:02 PM > > *Subject:* [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt > > > > > > A New Internet-Draft is available from the on-line Internet-Drafts > > directories. This draft is a work item of the Common Authentication > > Technology Next Generation Working Group of the IETF. > > > > Title : A SASL and GSS-API Mechanism for OAuth > > Author(s) : William Mills > > Tim Showalter > > Hannes Tschofenig > > Filename : draft-ietf-kitten-sasl-oauth-01.txt > > Pages : 21 > > Date : 2012-05-30 > > > > OAuth enables a third-party application to obtain limited > access to a > > protected resource, either on behalf of a resource owner by > > orchestrating an approval interaction, or by allowing the > third-party > > application to obtain access on its own behalf. > > > > This document defines how an application client uses OAuth > over the > > Simple Authentication and Security Layer (SASL) or the Generic > > Security Service Application Program Interface (GSS-API) to > access a > > protected resource at a resource serve. Thereby, it enables > schemes > > defined within the OAuth framework for non-HTTP-based application > > protocols. > > > > Clients typically store the user's long term credential. > This does, > > however, lead to significant security vulnerabilities, for > example, > > when such a credential leaks. A significant benefit of OAuth for > > usage in those clients is that the password is replaced by a > token. > > Tokens typically provided limited access rights and can be > managed > > and revoked separately from the user's long-term credential > > (password). > > > > > > A URL for this Internet-Draft is: > > > http://www.ietf.org/internet-drafts/draft-ietf-kitten-sasl-oauth-01.txt > > > > Internet-Drafts are also available by anonymous FTP at: > > ftp://ftp.ietf.org/internet-drafts/ > > > > This Internet-Draft can be retrieved at: > > > ftp://ftp.ietf.org/internet-drafts/draft-ietf-kitten-sasl-oauth-01.txt > > > > The IETF datatracker page for this Internet-Draft is: > > https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/ > > > > _______________________________________________ > > Kitten mailing list > > Kitten@ietf.org > > > > https://www.ietf.org/mailman/listinfo/kitten > > > > > > > > > > _______________________________________________ > > Kitten mailing list > > Kitten@ietf.org > > https://www.ietf.org/mailman/listinfo/kitten > > > From wmills@yahoo-inc.com Thu Jun 7 08:33:30 2012 Return-Path: X-Original-To: kitten@ietfa.amsl.com Delivered-To: kitten@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65A1B21F8732 for ; Thu, 7 Jun 2012 08:33:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.172 X-Spam-Level: X-Spam-Status: No, score=-17.172 tagged_above=-999 required=5 tests=[AWL=0.426, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9hp06ZahvOYN for ; Thu, 7 Jun 2012 08:33:29 -0700 (PDT) Received: from nm3-vm0.bullet.mail.bf1.yahoo.com (nm3-vm0.bullet.mail.bf1.yahoo.com [98.139.212.154]) by ietfa.amsl.com (Postfix) with SMTP id B48A021F86D3 for ; Thu, 7 Jun 2012 08:33:28 -0700 (PDT) Received: from [98.139.212.152] by nm3.bullet.mail.bf1.yahoo.com with NNFMP; 07 Jun 2012 15:33:21 -0000 Received: from [98.139.215.229] by tm9.bullet.mail.bf1.yahoo.com with NNFMP; 07 Jun 2012 15:33:21 -0000 Received: from [127.0.0.1] by omp1069.mail.bf1.yahoo.com with NNFMP; 07 Jun 2012 15:33:21 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 238430.31602.bm@omp1069.mail.bf1.yahoo.com Received: (qmail 62986 invoked by uid 60001); 7 Jun 2012 15:33:20 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1339083200; bh=4fmVYxGDNvNtFdN4nLjI0zNVG/Py+8Yk6pAX1TJvy38=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=BYV0Z8RNJBX7H6n/7Dnmo9m/wCT5Pn+WhwmkGefgJc5lF16phsg1O6sDjHghztZCfocZ3oOLzHOKgIJdfgQ/Rol8auLjx/iMiT+YjghxWNIdA++erltU5SPvj6nMdueQqYMFdjXUVOGd3G60sUMRhZt8SBjj0uCkVbM8ajRryrE= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=JxBJeWoof+yWyGzIDuxBW/MqGMu4gYLskXJh2VVmMVvbH9ivkjy3m35TFxnHCsrH+kLH2klg1W/S/SYTR/o96S4r+nFr6C+8epHmnJeqHWwNFKjqc/NhGM4l4XEwYQLytpEvn2W7XzMAladfuJQ60+Q0BVuHfKnkjvqcaq3eTfU=; X-YMail-OSG: uBBlde0VM1nd1OZVrYY0mxs5aVdqwp5AjbPqryiIlRzhyiW N0LpoJWhOdCt9ddxbgOCJ4XE1s9lMJVoX_9vtr7v72GFlt72yqstFvesrlGt zrz8xh1jLa1dVW8KqGHvFEtwCGTsUq.Vikq9aV_YuGUGWl3MeKP7AMPkOuJh VDuomnOFUHpYiOZPggx8ZxNTHKZ4YZIDs3Hogj6HhygcjcDKs5h6KvFQKVyR CUp.uL0KZMMzMuhooyk15vG7bcRErS09ySARrZkSg7KySpM3wKa6FGbKUCjf iVtGo9WZ5sRfHTId3qVhzdWqYKAxyvoZKQ8igAOKfenQCk16TbHJsGzt0ccy K6Gd4GDpP2NSjrK4DAhM7fp_wpM0c9xzNNevgRu_W1m64x1NmT7OYU186vit RD3VhxnL_.E2oeSrgfvX5wukcqk_6.Sun56E5zviZQsp2vKbhog-- Received: from [209.131.62.115] by web31810.mail.mud.yahoo.com via HTTP; Thu, 07 Jun 2012 08:33:20 PDT X-RocketYMMF: william_john_mills X-Mailer: YahooMailWebService/0.8.118.349524 References: <20120530190226.12880.56537.idtracker@ietfa.amsl.com> <1338415028.63249.YahooMailNeo@web31802.mail.mud.yahoo.com> <4FD0BD68.1070805@stpeter.im> <1339082467.20834.YahooMailNeo@web31804.mail.mud.yahoo.com> <4FD0C858.6050802@stpeter.im> Message-ID: <1339083200.61136.YahooMailNeo@web31810.mail.mud.yahoo.com> Date: Thu, 7 Jun 2012 08:33:20 -0700 (PDT) From: William Mills To: Peter Saint-Andre In-Reply-To: <4FD0C858.6050802@stpeter.im> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="1935884094-1850542485-1339083200=:61136" Cc: "kitten@ietf.org" Subject: Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt X-BeenThere: kitten@ietf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: William Mills List-Id: Common Authentication Technologies - Next Generation List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 15:33:30 -0000 --1935884094-1850542485-1339083200=:61136 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Fixed to 5234.=A0 Thanks.=0A=0A=0A=0A=0A>________________________________= =0A> From: Peter Saint-Andre =0A>To: William Mills =0A>Cc: "kitten@ietf.org" =0A>Sent: Th= ursday, June 7, 2012 8:27 AM=0A>Subject: Re: [kitten] I-D Action: draft-iet= f-kitten-sasl-oauth-01.txt=0A> =0A>In general we cite the latest version un= less you really need a=0A>definition that's provided in the earlier version= (which I doubt).=0A>=0A>On 6/7/12 9:21 AM, William Mills wrote:=0A>> I don= 't know the differences between the two, but for what I was=0A>> referencin= g it's defined in both 2234 and 5234.=A0 Does it matter which=0A>> one I us= e?=0A>> =0A>>=A0 =A0 -----------------------------------------------------= -------------------=0A>>=A0 =A0 *From:* Peter Saint-Andre =0A>>=A0 =A0 *To:* William Mills =0A>>=A0 =A0 *= Cc:* "kitten@ietf.org" =0A>>=A0 =A0 *Sent:* Thursday, Jun= e 7, 2012 7:40 AM=0A>>=A0 =A0 *Subject:* Re: [kitten] I-D Action: draft-ie= tf-kitten-sasl-oauth-01.txt=0A>> =0A>>=A0 =A0 Hi Bill,=0A>> =0A>>=A0 =A0 = The new key-value syntax seems preferable to me. One small point: did=0A>>= =A0 =A0 you mean to reference RFC 2234 for ABNF instead of RFC 5234?=0A>> = =0A>>=A0 =A0 I'll take time to review it more carefully soon.=0A>> =0A>>= =A0 =A0 Peter=0A>> =0A>>=A0 =A0 On 5/30/12 3:57 PM, William Mills wrote:= =0A>>=A0 =A0 > This draft rips out the HTTP style format and in band disco= very.=0A>>=A0 =A0 > Feedback would be very welcome.=0A>>=A0 =A0 >=0A>>=A0= =A0 > Many thanks to Alexey for helping me get this posted.=0A>>=A0 =A0 = >=0A>>=A0 =A0 > -bill=0A>>=A0 =A0 >=0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =0A>= >=A0 =A0 -----------------------------------------------------------------= -------=0A>>=A0 =A0 >=A0 =A0 *From:* "internet-drafts@ietf.org=0A>>=A0 =A0= " >=A0 =A0 = >=0A>>=A0 =A0 >=A0 =A0 *To:* i-d-announc= e@ietf.org =0A>>=A0 =A0 >=A0 =A0 *Cc:* kitte= n@ietf.org =0A>>=A0 =A0 >=A0 =A0 *Sent:* Wednesday= , May 30, 2012 12:02 PM=0A>>=A0 =A0 >=A0 =A0 *Subject:* [kitten] I-D Actio= n: draft-ietf-kitten-sasl-oauth-01.txt=0A>>=A0 =A0 >=0A>>=A0 =A0 >=0A>>= =A0 =A0 >=A0 =A0 A New Internet-Draft is available from the on-line Intern= et-Drafts=0A>>=A0 =A0 >=A0 =A0 directories. This draft is a work item of t= he Common Authentication=0A>>=A0 =A0 >=A0 =A0 Technology Next Generation W= orking Group of the IETF.=0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =A0 =A0 =A0 Titl= e=A0 =A0 =A0 =A0 =A0 : A SASL and GSS-API Mechanism for OAuth=0A>>=A0 =A0 = >=A0 =A0 =A0 =A0 Author(s)=A0 =A0 =A0 : William Mills=0A>>=A0 =A0 >=A0 =A0= =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Tim Showalter=0A>>=A0 = =A0 >=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 Hannes Ts= chofenig=0A>>=A0 =A0 >=A0 =A0 =A0 =A0 Filename=A0 =A0 =A0 =A0 : draft-ietf= -kitten-sasl-oauth-01.txt=0A>>=A0 =A0 >=A0 =A0 =A0 =A0 Pages=A0 =A0 =A0 = =A0 =A0 : 21=0A>>=A0 =A0 >=A0 =A0 =A0 =A0 Date=A0 =A0 =A0 =A0 =A0 =A0 : 20= 12-05-30=0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =A0 =A0 OAuth enables a third-par= ty application to obtain limited=0A>>=A0 =A0 access to a=0A>>=A0 =A0 >=A0= =A0 =A0 protected resource, either on behalf of a resource owner by=0A>>= =A0 =A0 >=A0 =A0 =A0 orchestrating an approval interaction, or by allowing= the=0A>>=A0 =A0 third-party=0A>>=A0 =A0 >=A0 =A0 =A0 application to obta= in access on its own behalf.=0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =A0 =A0 This = document defines how an application client uses OAuth=0A>>=A0 =A0 over the= =0A>>=A0 =A0 >=A0 =A0 =A0 Simple Authentication and Security Layer (SASL) = or the Generic=0A>>=A0 =A0 >=A0 =A0 =A0 Security Service Application Progr= am Interface (GSS-API) to=0A>>=A0 =A0 access a=0A>>=A0 =A0 >=A0 =A0 =A0 p= rotected resource at a resource serve.=A0 Thereby, it enables=0A>>=A0 =A0 = schemes=0A>>=A0 =A0 >=A0 =A0 =A0 defined within the OAuth framework for no= n-HTTP-based application=0A>>=A0 =A0 >=A0 =A0 =A0 protocols.=0A>>=A0 =A0 = >=0A>>=A0 =A0 >=A0 =A0 =A0 Clients typically store the user's long term cr= edential. =0A>>=A0 =A0 This does,=0A>>=A0 =A0 >=A0 =A0 =A0 however, lead = to significant security vulnerabilities, for=0A>>=A0 =A0 example,=0A>>=A0 = =A0 >=A0 =A0 =A0 when such a credential leaks.=A0 A significant benefit of= OAuth for=0A>>=A0 =A0 >=A0 =A0 =A0 usage in those clients is that the pas= sword is replaced by a=0A>>=A0 =A0 token.=0A>>=A0 =A0 >=A0 =A0 =A0 Tokens= typically provided limited access rights and can be=0A>>=A0 =A0 managed= =0A>>=A0 =A0 >=A0 =A0 =A0 and revoked separately from the user's long-term= credential=0A>>=A0 =A0 >=A0 =A0 =A0 (password).=0A>>=A0 =A0 >=0A>>=A0 = =A0 >=0A>>=A0 =A0 >=A0 =A0 A URL for this Internet-Draft is:=0A>>=A0 =A0 = >=A0 =0A>>=A0 =A0 http://www.ietf.org/internet-drafts/draft-ietf-kitten-s= asl-oauth-01.txt=0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =A0 Internet-Drafts are a= lso available by anonymous FTP at:=0A>>=A0 =A0 >=A0 =A0 ftp://ftp.ietf.org= /internet-drafts/=0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =A0 This Internet-Draft = can be retrieved at:=0A>>=A0 =A0 >=A0 =0A>>=A0 =A0 ftp://ftp.ietf.org/inte= rnet-drafts/draft-ietf-kitten-sasl-oauth-01.txt=0A>>=A0 =A0 >=0A>>=A0 =A0 = >=A0 =A0 The IETF datatracker page for this Internet-Draft is:=0A>>=A0 =A0= >=A0 =A0 https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/= =0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =A0 _____________________________________= __________=0A>>=A0 =A0 >=A0 =A0 Kitten mailing list=0A>>=A0 =A0 >=A0 =A0 = Kitten@ietf.org =0A>>=A0 =A0 >=0A>>=A0 =A0 >=A0 =A0 https://www.ietf.org/mai= lman/listinfo/kitten=0A>>=A0 =A0 >=0A>>=A0 =A0 >=0A>>=A0 =A0 >=0A>>=A0 = =A0 >=0A>>=A0 =A0 > _______________________________________________=0A>>= =A0 =A0 > Kitten mailing list=0A>>=A0 =A0 > Kitten@ietf.org =0A>>=A0 =A0 > https://www.ietf.org/mailman/listinfo/kitten=0A>= >=A0 =A0 >=0A>> =0A>=0A>=0A> --1935884094-1850542485-1339083200=:61136 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable
Fixed to 5234.  Thanks.

From: Peter Saint-Andre <stpeter@stpeter.im= >
To: William Mills= <wmills@yahoo-inc.com>
Cc:= "kitten@ietf.org" <kitten@ietf.org>
Sent: Thursday, June 7, 2012 8:27 AM
= Subject: Re: [kitten] I-D Action: = draft-ietf-kitten-sasl-oauth-01.txt

=0AIn general we= cite the latest version unless you really need a
definition that's prov= ided in the earlier version (which I doubt).

On 6/7/12 9:21 AM, Will= iam Mills wrote:
> I don't know the differences between the two, but = for what I was
> referencing it's defined in both 2234 and 5234. = ; Does it matter which
> one I use?
>
>    --= ----------------------------------------------------------------------
&= gt;    *From:* Peter Saint-Andre <stpeter@stpeter.im>=
>    *To:* William Mills <wmills@yahoo-inc.com>
>    *Cc:* "kitten@ietf.org" <kitten@ietf.org>
>  &nbs= p; *Sent:* Thursday, June 7, 2012 7:40 AM
>    *Subject:*= Re: [kitten] I-D Action: draft-ietf-kitten-sasl-oauth-01.txt
>
&= gt;    Hi Bill,
>
>    The new key-value= syntax seems preferable to me. One small point: did
>    = you mean to reference RFC 2234 for ABNF instead of RFC 5234?
>
&g= t;    I'll take time to review it more carefully soon.
> <= br>>    Peter
>
>    On 5/30/12 3:57 = PM, William Mills wrote:
>    > This draft rips out the= HTTP style format and in band discovery.
>    > Feedba= ck would be very welcome.
>    >
>    = > Many thanks to Alexey for helping me get this posted.
>  &n= bsp; >
>    > -bill
>   =20 >
>    >
>    > 
>=     ------------------------------------------------------------= ------------
>    >    *From:* "= internet-drafts@ietf.org
>    <mailto:= internet-drafts@ietf.org>" <internet-drafts@ietf.org=
>    <mailto:internet-drafts@ietf.org= >>
>    >    *To:* i-d-annou= nce@ietf.org <mailto:i-d-announce@ietf.org>
>= ;    >    *Cc:* kitten@ietf.org <mailto:kitten@ietf.or= g>
>    >    *Sent:* Wednesday, May 30= , 2012 12:02 PM
>    >    *Subject:* [kitten]= I-D Action: draft-ietf-kitten-sasl-oauth-01.txt
>    >=
>    >
>    >    A New I= nternet-Draft is available from the on-line Internet-Drafts
>  &= nbsp; >    directories. This draft is a work item of the Comm= on Authentication
>    >    Technology Next G= eneration Working Group of the IETF.
>    >
>&nbs= p;   >        Title          : A SASL and GSS-API Mechanism for OAuth
>    >=         Author(s)      : William Mills>    >              &= nbsp;               Tim Showalter
>= ;    >               =               Hannes Tschofenig
>=     >        Filename     =   : draft-ietf-kitten-sasl-oauth-01.txt
>    >&nb= sp;       Pages          : 21
&g= t;    >        Date      &= nbsp;     : 2012-05-30
>    >
>  &= nbsp; >      OAuth enables a third-party application to = obtain limited
>    access to a
>    >      protected resource, either on behalf of a= resource owner by
>    >      orchestra= ting an approval interaction, or by allowing the
>    thir= d-party
>    >      application to obtai= n access on its own behalf.
>    >
>   = >      This document defines how an application client = uses OAuth
>    over the
>    >  =     Simple Authentication and Security Layer (SASL) or the Generi= c
>    >      Security Service Applicati= on Program Interface (GSS-API) to
>    access a
>&nb= sp;   >      protected resource at a resource serve= .  Thereby, it enables
>    schemes
>  &nb= sp; >      defined within the OAuth framework for non-HTTP-based application
>    >      = protocols.
>    >
>    >  &nbs= p;   Clients typically store the user's long term credential.
>=     This does,
>    >      ho= wever, lead to significant security vulnerabilities, for
>  &nbs= p; example,
>    >      when such a cre= dential leaks.  A significant benefit of OAuth for
>   = ; >      usage in those clients is that the password is = replaced by a
>    token.
>    > =     Tokens typically provided limited access rights and can be>    managed
>    >     = and revoked separately from the user's long-term credential
>  =   >      (password).
>   =20 >
>    >
>    >    A = URL for this Internet-Draft is:
>    > 
>&= nbsp;   http://www.ietf.org/internet-drafts/draft-ietf-kitten-sasl-oa= uth-01.txt
>    >
>    >  &nbs= p; Internet-Drafts are also available by anonymous FTP at:
>  &n= bsp; >    ftp://ftp.ietf.org/internet-drafts/
>   = >
>    >    This Internet-Draft can be r= etrieved at:
>    > 
>    ftp://ftp.ietf.org/internet-drafts/draft-ietf-kitten-s= asl-oauth-01.txt
>    >
>    >&= nbsp;   The IETF datatracker page for this Internet-Draft is:
>    >    https://data= tracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/
>   = >
>    >    ____________________________= ___________________
>    >    Kitten mailing = list
>    >    Kitten@ietf.org <mailto:Kitten@ie= tf.org>
>    <mailto:Kitten@ietf.org <mailto:<= a ymailto=3D"mailto:Kitten@ietf.org" href=3D"mailto:Kitten@ietf.org">Kitten= @ietf.org>>
>    >    https://www.ietf.org/mailman/listinfo/kitten
>=     >
>    >
>    >>    >
>    > ______________________= _________________________
>    > Kitten mailing list>    > Kitten@ietf.org <mailto:Kitten@ietf.org>
&g= t;    > https://www.ietf.org/mailman/listinfo/kitten
&= gt;    >
>


--1935884094-1850542485-1339083200=:61136--