[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gs2 and qop

To: Nicolas Williams <Nicolas.Williams@xxxxxxx>, Sam Hartman <hartmans-ietf@xxxxxxx>
Subject: Re: gs2 and qop
From: Jeffrey Hutzelman <jhutz@xxxxxxx>
Date: Thu, 07 Sep 2006 13:23:22 -0400
Cc: Simon Josefsson <jas@xxxxxxxxxxx>, Alexey Melnikov <alexey.melnikov@xxxxxxxxx>, ietf-sasl@xxxxxxx, Jeffrey Hutzelman <jhutz@xxxxxxx>
In-reply-to: <20060907171255.GG317@xxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
References: <87zmde5zx8.fsf@xxxxxxxxxxxxxxxxxxx> <44FF1585.5060607@xxxxxxxxx> <87k64fubq6.fsf@xxxxxxxxxxxxxxxxxxx> <tslodtrx0qn.fsf@xxxxxxxxxx> <87slj3sro7.fsf@xxxxxxxxxxxxxxxxxxx> <tsl8xkvwydu.fsf_-_@xxxxxxxxxx> <877j0fsq4u.fsf@xxxxxxxxxxxxxxxxxxx> <tsl4pvjwwws.fsf@xxxxxxxxxx> <87u03jr8fi.fsf@xxxxxxxxxxxxxxxxxxx> <tslejunvexm.fsf@xxxxxxxxxx> <20060907171255.GG317@xxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx

On Thursday, September 07, 2006 12:12:55 PM -0500 Nicolas Williams<Nicolas.Williams@xxxxxxx> wrote:


On Thu, Sep 07, 2006 at 12:07:01PM -0400, Sam Hartman wrote:


>>>>> "Simon" == Simon Josefsson <jas@xxxxxxxxxxx> writes:

    Simon> Is the consensus that GS2 should support GSS-API mechanisms
    Simon> that doesn't offer integrity protection?

My opinion is yes, but that's an individual, not as an AD.

I take no position on whether GS2 should support GSS-API mechanisms that
cannot provide integrity protection.  Though I can probably be convinced
that it should.

I believe that it should. We have a tradition in SASL of supporting"authentication-only" mechanisms, some of which are widely deployed inconfigurations where integrity protection and confidentiality are providedat another layer. To the extent that GSS mechanisms with those propertiesexist, IMHO it would be a mistake not to allow their use in SASL.


-- Jeff

Follow-Ups:
- Re: gs2 and qop
  - From: Simon Josefsson
- Re: gs2 and qop
  - From: Jeffrey Altman

References:
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Alexey Melnikov
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Sam Hartman
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson
- gs2 and qop
  - From: Sam Hartman
- Re: gs2 and qop
  - From: Simon Josefsson
- Re: gs2 and qop
  - From: Sam Hartman
- Re: gs2 and qop
  - From: Simon Josefsson
- Re: gs2 and qop
  - From: Sam Hartman
- Re: gs2 and qop
  - From: Nicolas Williams

Prev by Date: Re: gs2 and qop
Next by Date: Re: gs2 and qop
Previous by thread: Re: gs2 and qop
Next by thread: Re: gs2 and qop
Index(es):
- Date
- Thread