[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IETF70 SASL summary

To: Tom Yu <tlyu@xxxxxxx>
Subject: Re: IETF70 SASL summary
From: Simon Josefsson <simon@xxxxxxxxxxxxx>
Date: Sat, 19 Jan 2008 15:39:53 +0100
Cc: ietf-sasl@xxxxxxx
In-reply-to: <ldvejcyv5np.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx> (Tom Yu's message of "Thu, 03 Jan 2008 18:41:14 -0500")
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <ldvtzmvoccc.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx> <87sl2eu3h4.fsf@xxxxxxxxxxxxxxxxxxx> <ldvejcyv5np.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux)

Tom Yu <tlyu@xxxxxxx> writes:

>>>>>> "Simon" == Simon Josefsson <simon@xxxxxxxxxxxxx> writes:
>
> Simon> Tom Yu <tlyu@xxxxxxx> writes:
>>> Simon Josefsson has indicated he is not interested in purusing his
>>> password-based mech draft at this time
>
> Simon> Just to clarify: I will pursue the draft (implementing it now, the draft
> Simon> will change a lot), but due to lack of interest (I haven't seen any
> Simon> feedback), it won't include the SASL/GS2 mappings.  The document will be
> Simon> a strict password-based GSS-API mechanism.
>
> Do you intend for the SASL WG to continue considering this document,
> or are you going to pursue it in Kitten rather than in SASL?  Also, I
> believe that during SASL charter discussion, we had agreement that the
> WG will attempt to produce a password-based mechanism that is a valid
> GS2 mechanism, so there is interest in a mechanism that is valid both
> as a GSS-API mechanism and as a SASL mechanism.
>
> If you do intend for it to continue to be considered within SASL, I
> would like to make sure that people have adequately considered it in
> the context of our password-based mech charter goal.

I did intend for my proposal to be considered by the SASL WG, see:

http://article.gmane.org/gmane.ietf.kitten/1291

Whether the work is actually done in the SASL WG, the Kitten WG, or
elsewhere, seems less important to me.  Alas, I haven't had much time to
improve the document since my initial post of it, though.

What I need is a secure GSS-API mechanism for password authentication;
using it under GS2 was a secondary goal.

I may have missed them, but are there any other concrete proposals for
password based GSS-API mechanisms?

/Simon

References:
- Re: IETF70 SASL summary
  - From: Simon Josefsson
- Re: IETF70 SASL summary
  - From: Tom Yu

Prev by Date: Re: Holding gs2
Previous by thread: Re: IETF70 SASL summary
Next by thread: new milestones for charter update
Index(es):
- Date
- Thread