[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Updated SASL And Channel Binding document (-03)

To: Kurt Zeilenga <Kurt.Zeilenga@xxxxxxxxx>
Subject: Re: Updated SASL And Channel Binding document (-03)
From: Nicolas Williams <Nicolas.Williams@xxxxxxx>
Date: Tue, 26 May 2009 11:55:13 -0500
Cc: Simon Josefsson <simon@xxxxxxxxxxxxx>, Alexey Melnikov <alexey.melnikov@xxxxxxxxx>, ietf-sasl@xxxxxxx
In-reply-to: <3EDC529D-31FE-41A7-814B-2BDD98BA85FE@xxxxxxxxx>
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
References: <20090421195036.GU1500@xxxxxxx> <874owhui8w.fsf@xxxxxxxxxxxxxxxxxxx> <20090422151927.GD1500@xxxxxxx> <4A17BF64.9070701@xxxxxxxxx> <87octh2yo3.fsf@xxxxxxxxxxxxxxxxxxx> <20090525181441.GU29258@xxxxxxx> <3EDC529D-31FE-41A7-814B-2BDD98BA85FE@xxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx
User-agent: Mutt/1.5.7i

On Tue, May 26, 2009 at 09:48:08AM -0700, Kurt Zeilenga wrote:
> Generally and with respect to SCRAM, I rather change the specification  
> to always require the use of unique channel bindings.  I do understand  
> however that some prefer use of end-point channel binding types in  
> certain cases.

Indeed, we'll not agree to always require the use of unique channel
bindings.

> One solution for SCRAM is to offer:
> 	SCRAM-SHA-1
> 	SCRAM-SHA-1-ENDPOINT
> 	SCRAM-SHA-1-UNIQUE

That complicates everything.

> However, as WG Chair, I'm willing to discuss and conclude on this  
> issue (for SCRAM) as part of SCRAM WGLC.

I don't see what difference it makes whether we discuss this in the
context of a WGLC or not.  Either way we need a resolution.

So let's discuss it now.

To solve this without adding yet another negotiation via SASL mechanism
name we could just declare that the negotiation will be done by
SCRAM/GS2, and that the application must furnish channel bindings all
available channel binding types.  That would not precluse YAP, and it
would not complicate SCRAM/GS2.

Nico
--

Follow-Ups:
- Re: Updated SASL And Channel Binding document (-03)
  - From: Kurt Zeilenga

References:
- Updated SASL And Channel Binding document (-03)
  - From: Nicolas Williams
- Re: Updated SASL And Channel Binding document (-03)
  - From: Simon Josefsson
- Re: Updated SASL And Channel Binding document (-03)
  - From: Nicolas Williams
- Re: Updated SASL And Channel Binding document (-03)
  - From: Alexey Melnikov
- Re: Updated SASL And Channel Binding document (-03)
  - From: Simon Josefsson
- Re: Updated SASL And Channel Binding document (-03)
  - From: Nicolas Williams
- Re: Updated SASL And Channel Binding document (-03)
  - From: Kurt Zeilenga

Prev by Date: Re: Updated SASL And Channel Binding document (-03)
Next by Date: Re: I-D Action:draft-ietf-sasl-scram-00.txt
Previous by thread: Re: Updated SASL And Channel Binding document (-03)
Next by thread: Re: Updated SASL And Channel Binding document (-03)
Index(es):
- Date
- Thread