
Re: AD Review for draft-ietf-sasl-gssapi-xx.txt



So, this is a bit complicated and perhaps the best thing is to decide
that we just don't care about mechanisms without integ_avail.

RFC 4422 only requires us to integrity protect the security layer
exchange if the underlying mechanism has integrity protection.  It is
quite clear that we cannot do channel binding exchange without
integrity protection.

I'm assuming that gssapi mechanisms protect their negotiation enough
that if integrity is requested that the mechanism prevents downgrade
attacks and either gives you integrity or only fails to give you
integrity if one end doesn't support it or required credentials are
missing.  If you are concerned that is not actually required by 2743
I'd be happy to see if we can get kitten to specify that.

I don't think it makes any sense at all to return prot_ready without
integrity being available so aborting if somehow you get prot_ready
but later not integ_avail seems fine.  (Alternatively we could require
that integ_avail is set at the same time as prot_ready)

The only important thing seems to be not to negotiate a security layer
or pass channel bindings if integ_avail is not set.
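An added example, not code from the draft or from this message, modelling the rule just stated for a SASL GSSAPI server: refuse to offer a security layer or use channel bindings unless GSS_C_INTEG_FLAG is set, and abort if GSS_C_PROT_READY_FLAG appears without it. Flag values are the GSS-API ret_flags bits from RFC 2744 and the layer bits are from RFC 4752; the token built here is the plaintext that would then be wrapped with gss_wrap.

```python
# Constructed example: policy checks around the RFC 4752 security layer exchange.
GSS_C_CONF_FLAG = 16          # confidentiality available
GSS_C_INTEG_FLAG = 32         # integrity available ("integ_avail")
GSS_C_PROT_READY_FLAG = 128   # per-message protection usable early ("prot_ready")

SEC_LAYER_NONE = 1            # RFC 4752 security layer bitmask values
SEC_LAYER_INTEGRITY = 2
SEC_LAYER_CONFIDENTIALITY = 4


class NegotiationAbort(Exception):
    """Context state is inconsistent; the exchange must not continue."""


def integrity_available(ret_flags: int) -> bool:
    """True if the context offers integrity; abort on prot_ready without integ."""
    integ = bool(ret_flags & GSS_C_INTEG_FLAG)
    prot_ready = bool(ret_flags & GSS_C_PROT_READY_FLAG)
    if prot_ready and not integ:
        # prot_ready only makes sense with integrity; treat it as a hard error
        raise NegotiationAbort("GSS_C_PROT_READY_FLAG set but GSS_C_INTEG_FLAG missing")
    return integ


def build_server_token(ret_flags: int, max_size: int):
    """Plaintext of the 4-byte RFC 4752 server token, or None to skip the exchange.

    Byte 0 is the bitmask of layers the server supports; bytes 1-3 are the
    maximum message size in network byte order.  If no integrity is available
    the offer itself could not be protected, so no layer is negotiated at all.
    """
    if not integrity_available(ret_flags):
        return None
    layers = SEC_LAYER_NONE | SEC_LAYER_INTEGRITY
    if ret_flags & GSS_C_CONF_FLAG:
        layers |= SEC_LAYER_CONFIDENTIALITY
    if not 0 <= max_size <= 0xFFFFFF:
        raise ValueError("max_size must fit in 3 bytes")
    return bytes([layers]) + max_size.to_bytes(3, "big")


def may_use_channel_bindings(ret_flags: int) -> bool:
    """Channel bindings are only meaningful when the exchange is integrity protected."""
    return integrity_available(ret_flags)
```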