[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Holding gs2

To: Chris Newman <Chris.Newman@xxxxxxx>
Subject: Re: Holding gs2
From: Simon Josefsson <simon@xxxxxxxxxxxxx>
Date: Wed, 27 Feb 2008 13:19:16 +0100
Cc: Nicolas Williams <Nicolas.Williams@xxxxxxx>, Alexey Melnikov <alexey.melnikov@xxxxxxxxx>, Sam Hartman <hartmans-ietf@xxxxxxx>, ietf-sasl@xxxxxxx
In-reply-to: <A700A598DE5875E9C792C999@xxxxxxxxxxxxxxxxxx> (Chris Newman's message of "Tue, 29 Jan 2008 12:16:36 -0700")
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <tslzlv55mon.fsf@xxxxxxx> <87bq7hx536.fsf@xxxxxxxxxxxxxxxxxxx> <tslk5m2ep8f.fsf@xxxxxxx> <87myqxnc8b.fsf@xxxxxxxxxxxxxxxxxxx> <479CCD23.4050600@xxxxxxxxx> <20080128155952.GZ12865@xxxxxxx> <A700A598DE5875E9C792C999@xxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux)

Chris Newman <Chris.Newman@xxxxxxx> writes:

> As a SASL implementer, it is my current intention to not implement the
> "security layer" feature of SASL.

For the record, I agree and think that the "security layer" of SASL has
been a failure and the time has come to officially deprecate them.

We could update RFC 4422 to say that security layers are deprecated in
favor of channel-binding to another security layer such as TLS or IPSEC.

/Simon

References:
- Holding gs2
  - From: Sam Hartman
- Re: Holding gs2
  - From: Simon Josefsson
- Re: Holding gs2
  - From: Sam Hartman
- Re: Holding gs2
  - From: Simon Josefsson
- Re: Holding gs2
  - From: Alexey Melnikov
- Re: Holding gs2
  - From: Nicolas Williams
- Re: Holding gs2
  - From: Chris Newman

Prev by Date: Re: call for SASL agenda items for IETF71
Next by Date: Re: SCRAM with(out) GS2
Previous by thread: Re: SCRAM with(out) GS2
Next by thread: Re: Holding gs2
Index(es):
- Date
- Thread