[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WG Last Call: draft-ietf-sasl-scram-02

Peter Saint-Andre <stpeter@xxxxxxxxxx> writes:

> On 7/30/09 2:37 PM, Simon Josefsson wrote:
>> Alexey Melnikov <alexey.melnikov@xxxxxxxxx> writes:
>> 
>>> Peter Saint-Andre wrote:
>>>
>>>>> SECTION 4
>>>>>
>>>>> Typo: "hashed function" => "hash function"
>>>>>
>>>>> I think the following text is slightly ambiguous:
>>>>>
>>>>>   The "-PLUS" suffix is used only when the server supports channel
>>>>>   binding to the external channel.  In this case the server will
>>>>>   advertise both, SCRAM-SHA-1 and SCRAM-SHA-1-PLUS, otherwise the
>>>>>   server will advertise only SCRAM-SHA-1.  The "-PLUS" exists to allow
>>>>>   negotiation of the use of channel binding.  See Section 6.
>>>>>
>>>>> This could be read to mean that if a server does not support channel
>>>>> bindings, then it will advertise only all and only SCRAM-SHA-1 (but
>>>>> never, say, SCRAM-SHA-256). I think we mean that if a server does not
>>>>> support channel bindings, then it will advertise only mechanisms of the
>>>>> form SCRAM-SHA-length and never mechanisms of the form
>>>>> SCRAM-SHA-length-PLUS (thus not forbidding support for hash functions
>>>>> other than SHA-1).
>>>>>    
>>>>>
>>>> Alexey and I talked about this in Stockholm. I suggest the following text:
>>>>
>>>>   The "-PLUS" suffix is used only when the server supports channel
>>>>   binding to the external channel.  If the server supports channel
>>>>   binding, it will advertise both the "bare" and "plus" versions of
>>>>   whatever mechanisms it supports (e.g., if the server supports only
>>>>   SCRAM with SHA-1 then it will advertise support for both SCRAM-SHA-1
>>>>   and SCRAM-SHA-1-PLUS); if the server does not support channel
>>>>   binding, then it will advertise only the "bare" version of the
>>>>   mechanism (e.g., only SCRAM-SHA-1).  The "-PLUS" exists to allow
>>>>   negotiation of the use of channel binding.  See Section 6.
>>>>  
>>>>
>>> Ok, this text will be in -04.
>> 
>> Please reassure me that the same change isn't needed in GS2?  I don't
>> see any normative words above, and as far as I can tell the described
>> behaviour is already covered by other text in both SCRAM and GS2 anyway.
>
> Do you think that the former text was not ambiguous?

No, I think your version is definitely better, but I couldn't find
matching text in GS2 to change.  I _think_ your clarification is already
covered by what's in GS2 today, including for example this text:

	      <t>Servers SHOULD advertise both non-PLUS and the
		PLUS-variant of each GS2 mechanism name.  If the
		server cannot support channel binding, it MAY
		advertise only the non-PLUS variant.  If the server
		would never succeed authentication of the non-PLUS
		variant due to policy reasons, it MAY advertise only
		the PLUS-variant.</t>

It doesn't use the same words although I believe the intention is the
same.

/Simon