[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gs2 and qop

To: Simon Josefsson <jas@xxxxxxxxxxx>
Subject: Re: gs2 and qop
From: Sam Hartman <hartmans-ietf@xxxxxxx>
Date: Fri, 08 Sep 2006 09:10:54 -0400
Cc: Jeffrey Hutzelman <jhutz@xxxxxxx>, Nicolas Williams <Nicolas.Williams@xxxxxxx>, Alexey Melnikov <alexey.melnikov@xxxxxxxxx>, ietf-sasl@xxxxxxx
In-reply-to: <878xkur9n9.fsf@xxxxxxxxxxxxxxxxxxx> (Simon Josefsson's message of "Fri, 08 Sep 2006 11:27:06 +0200")
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
References: <87zmde5zx8.fsf@xxxxxxxxxxxxxxxxxxx> <44FF1585.5060607@xxxxxxxxx> <87k64fubq6.fsf@xxxxxxxxxxxxxxxxxxx> <tslodtrx0qn.fsf@xxxxxxxxxx> <87slj3sro7.fsf@xxxxxxxxxxxxxxxxxxx> <tsl8xkvwydu.fsf_-_@xxxxxxxxxx> <877j0fsq4u.fsf@xxxxxxxxxxxxxxxxxxx> <tsl4pvjwwws.fsf@xxxxxxxxxx> <87u03jr8fi.fsf@xxxxxxxxxxxxxxxxxxx> <tslejunvexm.fsf@xxxxxxxxxx> <20060907171255.GG317@xxxxxxxxxxxxxxxxxxxxx> <F23EE75C85D0E450064DE0E6@xxxxxxxxxxxxxxxxxxxxx> <878xkur9n9.fsf@xxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)

>>>>> "Simon" == Simon Josefsson <jas@xxxxxxxxxxx> writes:

    Simon> I don't understand why an authentication-only GS2 mechanism
    Simon> is any better than a "pure" SASL authentication-only
    Simon> mechanism.

It isn't but we want people to write gss mechanisms not sasl
mechanisms.  So, we'd like gss to be a superset of the functionality.
And we'd like all gss mechanisms to be sasl mechanisms.

    Simon> A simple question that may illustrate the situation: Will
    Simon> there ever by any more authentication-only SASL mechanisms
    Simon> on the standards track?

I hope not.

    Simon> If the answer is no, I'd argue that they shouldn't be
    Simon> permitted to be specified through GS2 either.

I don't expect there to be any authentication only gss mechanisms on
the standards track either.

But there are mechanisms not on the standards track.  And my point is
that as an individual I want a standards track solution for using any
gss mechanisms as sasl mechanisms--even if those mechanisms are not on
the standards track themselves.

Follow-Ups:
- Re: gs2 and qop
  - From: Jeffrey Hutzelman
- Re: gs2 and qop
  - From: Simon Josefsson

References:
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Alexey Melnikov
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Sam Hartman
- Re: AD Review for draft-ietf-sasl-gssapi-xx.txt
  - From: Simon Josefsson
- gs2 and qop
  - From: Sam Hartman
- Re: gs2 and qop
  - From: Simon Josefsson
- Re: gs2 and qop
  - From: Sam Hartman
- Re: gs2 and qop
  - From: Simon Josefsson
- Re: gs2 and qop
  - From: Sam Hartman
- Re: gs2 and qop
  - From: Nicolas Williams
- Re: gs2 and qop
  - From: Jeffrey Hutzelman
- Re: gs2 and qop
  - From: Simon Josefsson

Prev by Date: Re: gs2 and qop
Next by Date: Re: gs2 and qop
Previous by thread: Re: gs2 and qop
Next by thread: Re: gs2 and qop
Index(es):
- Date
- Thread