[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AD Review for draft-ietf-sasl-gssapi-xx.txt

To: Simon Josefsson <jas@xxxxxxxxxxx>, Sam Hartman <hartmans-ietf@xxxxxxx>
Subject: Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
From: Alexey Melnikov <alexey.melnikov@xxxxxxxxx>
Date: Wed, 06 Sep 2006 19:37:57 +0100
Cc: ietf-sasl@xxxxxxx
In-reply-to: <87zmde5zx8.fsf@xxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
References: <tslac6sm3v5.fsf@xxxxxxxxxx> <44CF1B96.5010404@xxxxxxxxx> <44EC6C24.7040300@xxxxxxxxx> <87zmde5zx8.fsf@xxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915


Simon Josefsson wrote:

Alexey Melnikov <alexey.melnikov@xxxxxxxxx> writes:

After the followup conversation with Sam he convinced me that this is
the right thing.

OLD text:
 If the client will be requesting a security
 layer, it MUST also supply to the GSS_Init_sec_context a
 mutual_req_flag of TRUE, a sequence_req_flag of TRUE, and an
 integ_req_flag of TRUE.  If the client will be requesting a security
 layer providing confidentiality protection, it MUST also supply to
 the GSS_Init_sec_context a conf_req_flag of TRUE.

NEW text:

When calling the GSS_Init_sec_context the client MUST
pass the integ_req_flag of TRUE. If the client will be requesting a
security
layer, it MUST also supply to the GSS_Init_sec_context a
mutual_req_flag of TRUE, and a sequence_req_flag of TRUE.
If the client will be requesting a security
layer providing confidentiality protection, it MUST also supply to the
GSS_Init_sec_context a conf_req_flag of TRUE.


The same text is found in the GS2 document as well.  I have made the
same change in it, but I also added:

  The client MUST verify that the requested flags become enabled in
  the context.

As per discussion between Jeff and Sam I've already added the followingtext to -08.


When GSS_Accept_sec_context returns GSS_S_COMPLETE, the server
examines the context to ensure that it provides a level of protection
permitted by the server's security policy.
In particular, if the integ_avail flag is not set in the context,
then no security layer can be offered or accepted. If the conf_avail
flag is not set in the context, then no security layer with
confidentiality can be offered or accepted.

(the first sentence was already in the document).

And similar text in the client side section.

Jeff/Sam came to conclusion that checking for integ_avail is not needed,unless a SASL security layer is negotiated.

They didn't request any text regarding other flags.

Sam, can you post a digest of why this is the case?

I suggest that the same, or similar, text is added to GS1.

Without that text, it seems as if the mechanism could simply ignore
them, and (for the C bindings) that the RET_FLAGS variable indicate
that they were never negotiated.  That seems to be a fatal problem to
me.  Or am I missing something?

Follow-Ups:
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson

References:
- AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Sam Hartman
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Alexey Melnikov
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Alexey Melnikov
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson

Prev by Date: Re: WG Last Call: draft-ietf-sasl-gs2-02.txt
Next by Date: Re: WG Last Call: draft-ietf-sasl-gs2-02.txt
Previous by thread: Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
Next by thread: Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
Index(es):
- Date
- Thread