[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D Action:draft-ietf-sasl-gs2-14.txt

To: Alexey Melnikov <alexey.melnikov@xxxxxxxxx>
Subject: Re: I-D Action:draft-ietf-sasl-gs2-14.txt
From: Simon Josefsson <simon@xxxxxxxxxxxxx>
Date: Wed, 29 Jul 2009 13:48:12 +0200
Cc: Nicolas Williams <Nicolas.Williams@xxxxxxx>, ietf-sasl@xxxxxxx
In-reply-to: <4A54C9F9.6080709@xxxxxxxxx> (Alexey Melnikov's message of "Wed, 08 Jul 2009 17:31:53 +0100")
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <20090627163002.0AA243A67FF@xxxxxxxxxxxxxx> <4A548D0D.1080801@xxxxxxxxx> <20090708154613.GH1064@xxxxxxx> <4A54C9F9.6080709@xxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.96 (gnu/linux)

Alexey Melnikov <alexey.melnikov@xxxxxxxxx> writes:

> Nicolas Williams wrote:
>
>>On Wed, Jul 08, 2009 at 01:11:57PM +0100, Alexey Melnikov wrote:
>>  
>>
>>>Some quick comments.
>>>
>>>In Section 3.5:
>>>    
>>>
>>>>  If the client negotiates mechanisms then clients MUST select the
>>>>  PLUS-variant if offered by the server.
>>>>      
>>>>
>>>This make sense.
>>>    
>>>
>>>>Otherwise, if the client does
>>>>  not negotiate mechanisms then it MUST use the non-PLUS variant.
>>>>      
>>>>
>>> This doesn't make much sense. If the client remembers what the
>>> server advertised previously, then it can just use the same
>>> mechanism.
>>> But even if the client never negotiate mechanisms (e.g. if the user
>>> selected the mechanism in UI), then why should it be restricted to
>>> non-PLUS variant?
>>>    
>>>
>>I think that text had been intended to say that the non-PLUS variant
>>must be selected when the client has no idea what the server supports
>>and the client isn't using CB.  But it doesn't really matter.  I'd be
>>happy with removing this text.
>>  
>>
> Alternatively I suggest correcting the text to read something like this:
>
>    Otherwise (the client does not negotiate mechanisms),
>    if the client has no prior knowledge about mechanisms supported
>    by the server and wasn't explicitly configured to use a particular
>    variant of the GS2 mechanism, then it MUST select
>    only non-PLUS version of the GS2 mechanism.

Works fine with me.  I have made this change in my local copy.

/Simon

References:
- I-D Action:draft-ietf-sasl-gs2-14.txt
  - From: Internet-Drafts
- Re: I-D Action:draft-ietf-sasl-gs2-14.txt
  - From: Alexey Melnikov
- Re: I-D Action:draft-ietf-sasl-gs2-14.txt
  - From: Nicolas Williams
- Re: I-D Action:draft-ietf-sasl-gs2-14.txt
  - From: Alexey Melnikov

Prev by Date: Re: WG Last Call: draft-ietf-sasl-gs2-14
Previous by thread: Re: I-D Action:draft-ietf-sasl-gs2-14.txt
Next by thread: summary of SCRAM TLS channel binding discussion
Index(es):
- Date
- Thread