[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

framework draft

To: ietf-sacred <ietf-sacred@xxxxxxx>
Subject: framework draft
From: Stephen Farrell <stephen.farrell@xxxxxxxxxxxx>
Date: Mon, 16 Oct 2000 20:41:53 +0100
Cc: Magnus Nyström <magnus@xxxxxxxxxxxxxxx>, xme <stephen.farrell@xxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-sacred/mail-archive/>
List-id: <ietf-sacred.imc.org>
List-unsubscribe: <mailto:ietf-sacred-request@imc.org?body=unsubscribe>
Organization: Baltimore Technologies Ltd.
Reply-to: stephen.farrell@xxxxxxxxxxxx
Sender: owner-ietf-sacred@xxxxxxxxxxxx

Hi All,

We should be set as a WG pretty soon now, (later this week
all going to plan), so I guess we should try to meet the dates 
in the charter:-) The I-D cutoff date for San Diego is also 
only a month away (17th Nov.) so now's the time to get started 
on the framework draft (or proposals for the framework).

To that end, could folks who'd like to volunteer for editing 
duties please contact Magnus and I and let us know. If you write 
up your ideas first, that's *much* better. Goes without saying 
of course, that if you've running code, that's *much, much* 
better (well, I said it anyway:-).

FWIW what I think the draft should contain is a fairly 
abstract model of the messages exchanged in a sacred protocol 
with (again abstract) details of what those messages contain. 
Interworking diagrams and message definitions, that sort of 
thing. A state machine would be no harm either. I reckon it 
should cover both the direct and credential server approaches.

I don't think the framework should choose a transport - it should 
be open to different transports (e.g. HTTP, SMTP, etc.); nor 
should it determine any particular authentication mechanisms 
or credential formats, unless that's unavoidable.

Of course it should address the requirements, including
as much of what was discussed on the list as you can rememeber.
(Meanwhile, Al and I will try to get another round of the 
requirements draft out, reflecting the list discussion to
date.) In particular, there was some discussion about
self-enrollment and management stuff that should be covered
in the framework.

In terms of how to write it up: maybe XML might be a useful way 
to represent PDUs, or ASN.1, or ABNF, or whatever you like, the 
point is that the framework should be suitable for different 
implementations: i.e. XML in the framework draft says nothing 
about what'll end up in the final protocol draft(s). Same goes
for ASN.1 or ABNF or anything else.

NB: I do *not* want to have a generic discussion on the list 
about whether any of these are better or worse than the others, 
we've all done that enough times to know its not useful. (If you 
particularly like one of 'em, then write a proposal for the 
framework draft using it - *please* don't tell us about how 
it'd be great if... :-)

So...any volunteers for the above?

Regards,
Stephen.

PS: I've asked for 2 hour slot for San Diego, anyone
who wants to suggest an agenda item, please let Magnus
and I know including an indication as to how long it 
might take.

-- 
____________________________________________________________
Stephen Farrell         				   
Baltimore Technologies,   tel: (direct line) +353 1 647 7406
61 Fitzwilliam Lane,                    fax: +353 1 647 7499
Dublin 2.                mailto:stephen.farrell@xxxxxxxxxxxx
Ireland                             http://www.baltimore.com

Prev by Date: Re: Some Thoughts on draft-arsenault-sacred-reqs-00.txt
Next by Date: we're official...
Previous by thread: Some Thoughts on draft-arsenault-sacred-reqs-00.txt
Next by thread: we're official...
Index(es):
- Date
- Thread