[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Poll: use of TLS channel bindings in SCRAM

To: Nicolas Williams <Nicolas.Williams@xxxxxxx>
Subject: Re: Poll: use of TLS channel bindings in SCRAM
From: Kurt Zeilenga <Kurt.Zeilenga@xxxxxxxxx>
Date: Fri, 29 May 2009 18:56:04 -0700
Cc: Jeffrey Hutzelman <jhutz@xxxxxxx>, Simon Josefsson <simon@xxxxxxxxxxxxx>, Alexey Melnikov <alexey.melnikov@xxxxxxxxx>, SASL WG <ietf-sasl@xxxxxxx>
In-reply-to: <20090530002258.GM29258@xxxxxxx>
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
References: <87k540napw.fsf@xxxxxxxxxxxxxxxxxxx> <20090529051317.GD29258@xxxxxxx> <87bppcml1k.fsf@xxxxxxxxxxxxxxxxxxx> <20090529154209.GI29258@xxxxxxx> <9659A4ED-92EF-4029-9F1A-FD15C6B956B3@xxxxxxxxx> <2EC8800EFECD82570732A792@xxxxxxxxxxxxxxxxxxxxxx> <CF23FDA2-68BB-4EFC-A15C-86A36C16F21B@xxxxxxxxx> <D4CCFC83CE0C68BD1D1F4225@xxxxxxxxxxxxxxxxxxxxxx> <20090529220540.GF29258@xxxxxxx> <B23BB819-E777-45C1-A461-33E09817E123@xxxxxxxxx> <20090530002258.GM29258@xxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx



On May 29, 2009, at 5:22 PM, Nicolas Williams wrote:

I believe that making GS2 support in-mechanism negotiation of channel
binding type now or in the future would require _significant_surgery on
GS2.

So your proposal does preclude one possible negotiation approach thatcould be used in SCRAM and GS2.

It's too late to be doing major changes to GS2.  Moreover, where

is the justification for requiring that GS2 support such a thing?  If
you believe that GS2 should support that, then please explain why, and
then let's have a poll on that.



You asserted:

Notice too that we are left in a position where we can actually addchannel binding type negotiation later.

My assertion is that while certainly we might be able to to addchannel binding type negotiation, the particulars of the SCRAM and GS2specifications will have a significant impact on the engineering ofsolutions. Hence, I believe it appropriate to discuss the impactupon possible solutions during the consideration of the particulars ofthe SCRAM and GS2 specification.

I will discuss the suitability of in-the-mechanism exchange in theresponse to another list message.


-- Kurt

Follow-Ups:
- Where do we stand? (Re: Poll: use of TLS channel bindings in SCRAM)
  - From: Nicolas Williams
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Nicolas Williams

References:
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Simon Josefsson
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Nicolas Williams
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Simon Josefsson
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Nicolas Williams
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Kurt Zeilenga
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Jeffrey Hutzelman
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Kurt Zeilenga
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Jeffrey Hutzelman
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Nicolas Williams
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Kurt Zeilenga
- Re: Poll: use of TLS channel bindings in SCRAM
  - From: Nicolas Williams

Prev by Date: Re: Poll: use of TLS channel bindings in SCRAM
Next by Date: Re: Poll: use of TLS channel bindings in SCRAM
Previous by thread: Re: Poll: use of TLS channel bindings in SCRAM
Next by thread: Re: Poll: use of TLS channel bindings in SCRAM
Index(es):
- Date
- Thread