[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security Considerations

To: EKR <ekr@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: Security Considerations
From: James M Snell <jasnell@xxxxxxxxx>
Date: Thu, 03 Aug 2006 08:54:44 -0700
Cc: Robert Sayre <sayrer@xxxxxxxxx>, Brian E Carpenter <brc@xxxxxxxxxxxxxx>, "Roy T. Fielding" <fielding@xxxxxxxx>, Sam Hartman <hartmans-ietf@xxxxxxx>, Lisa Dusseault <lisa@xxxxxxxxxxxxxxxxx>, atom-protocol Protocol <atom-protocol@xxxxxxx>, IESG IESG <iesg@xxxxxxxx>
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=h33xNPYWsXZ8efjQs/tH+YRKiqxnkBJQSBQA8Sif+jSWuUqt1IqZUkQW+/Uqyul2y3JH+KtH0omtJ65jSIX/8cpjhtiNrfqocmVLvJmc+U4Whz15XGNRy6ZWgUPERIVhrD8LkP2g1s/zh0Cf+U10lQZ9qsQxQ9SxL7Bu0mvfDnI=
In-reply-to: <86ac6lhlx1.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/atom-protocol/mail-archive/>
List-id: <atom-protocol.imc.org>
List-unsubscribe: <mailto:atom-protocol-request@imc.org?body=unsubscribe>
References: <20060725142226.F31A2222427@xxxxxxxxxxxxxxxxxxxxxxxxxx> <tslpsfp62ct.fsf@xxxxxxxxxx> <44CDD939.8040108@xxxxxxxxxxxxxxxx> <tslmzapc43p.fsf@xxxxxxxxxx> <E49075CC-F5D1-4354-B049-1F39BCF7380F@xxxxxxxx> <44D0AAB7.8030001@xxxxxxxxxxxxxx> <68fba5c50608020711h30a03d24k4d7845451fef41c5@xxxxxxxxxxxxxx> <44D0C725.90807@xxxxxxxxxxxxxx> <B04CDA91-A34C-4940-806E-1163CB3F5DF7@xxxxxxxx> <44D1E2A8.60000@xxxxxxxxxxxxxx> <68fba5c50608030809s646fa513jc81d5b1ba7192415@xxxxxxxxxxxxxx> <86ac6lhlx1.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-atom-protocol@xxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.5 (X11/20060719)

Robert likely has his own opinions on this question, but so long as
implementations were capable of being extended/configured to support the
new mechanism, yes. The problem is really not that different from any
other extensibility problem.

- James

Eric Rescorla wrote:
> [snip]
> So, I'm not sure what this text is supposed to mean.
> 
> Let's try working by example: if I defined a new (stipulated secure)
> challenge-response mechanism based on GMAC and used that as my
> authentication mechanism, would you consider my implementation
> conformant?
> 
> -Ekr
> 
>

Follow-Ups:
- Re: Security Considerations
  - From: Eric Rescorla

References:
- Re: Security Considerations
  - From: Eric Rescorla
- Re: Security Considerations
  - From: Sam Hartman
- Re: Security Considerations
  - From: Sam Ruby
- Re: Security Considerations
  - From: Sam Hartman
- Re: Security Considerations
  - From: Roy T. Fielding
- Re: Security Considerations
  - From: Brian E Carpenter
- Re: Re: Security Considerations
  - From: Robert Sayre
- Re: Security Considerations
  - From: Brian E Carpenter
- Re: Security Considerations
  - From: Roy T. Fielding
- Re: Security Considerations
  - From: Brian E Carpenter
- Re: Security Considerations
  - From: Robert Sayre
- Re: Security Considerations
  - From: Eric Rescorla

Prev by Date: Re: Security Considerations
Next by Date: Re: Security Considerations
Previous by thread: Re: Security Considerations
Next by thread: Re: Security Considerations
Index(es):
- Date
- Thread