IETF Logo Mail Archive

Re: [apps-discuss] [kitten] [saag] HTTP authentication: the next generation

Luke Howard <lukeh@padl.com> Sun, 12 December 2010 01:37 UTC

Return-Path: <lukeh@padl.com>
X-Original-To: apps-discuss@core3.amsl.com
Delivered-To: apps-discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7C7E13A6CE2; Sat, 11 Dec 2010 17:37:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qTb5wLZeH8eU; Sat, 11 Dec 2010 17:37:05 -0800 (PST)
Received: from us.padl.com (us.padl.com [216.154.215.154]) by core3.amsl.com (Postfix) with ESMTP id 55CB128C0CE; Sat, 11 Dec 2010 17:37:04 -0800 (PST)
Received: by us.padl.com with ESMTP id oBC1c2GK007734; Sat, 11 Dec 2010 20:38:07 -0500
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset="us-ascii"
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <ADDEC353-8DE6-408C-BC75-A50B795E2F6C@checkpoint.com>
Date: Sun, 12 Dec 2010 12:38:07 +1100
Content-Transfer-Encoding: quoted-printable
Message-Id: <78BD0B98-0F20-478B-85F1-DBB45691EB0D@padl.com>
References: <4D02AF81.6000907@stpeter.im> <p06240809c928635499e8@[10.20.30.150]> <ADDEC353-8DE6-408C-BC75-A50B795E2F6C@checkpoint.com>
To: Yoav Nir <ynir@checkpoint.com>
X-Mailer: Apple Mail (2.1082)
X-SMTP-Vilter-Version: 1.3.6
X-Spamd-Symbols: AWL,BAYES_00
X-SMTP-Vilter-Spam-Backend: spamd
X-Spam-Threshold: 5.0
X-Spam-Probability: -0.5
X-Mailman-Approved-At: Sun, 12 Dec 2010 08:17:08 -0800
Cc: "apps-discuss@ietf.org" <apps-discuss@ietf.org>, "pgut001@cs.auckland.ac.nz" <pgut001@cs.auckland.ac.nz>, websec <websec@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>, "kitten@ietf.org" <kitten@ietf.org>, Yaron Sheffer <yaronf.ietf@gmail.com>, "http-auth@ietf.org" <http-auth@ietf.org>, "saag@ietf.org" <saag@ietf.org>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Subject: Re: [apps-discuss] [kitten] [saag] HTTP authentication: the next generation
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Dec 2010 01:37:09 -0000

On 12/12/2010, at 10:10 AM, Yoav Nir wrote:

> 
> On Dec 11, 2010, at 1:09 AM, Paul Hoffman wrote:
> 
>> At 3:53 PM -0700 12/10/10, Peter Saint-Andre wrote:
>>> Other than that, I'm not aware of much activity. What have I missed?
>> 
>> TLS client certificates.
> 
> TLS client certificates work, but as we've learned both with the web and with IPsec clients, people would much rather not use them. A few IETFs ago (Chicago?), a bunch of us tried to push the idea of TLS with EAP authentication.
> 
> http://tools.ietf.org/html/draft-nir-tls-eap

Does draft-williams-tls-app-sasl-opt-04.txt + abfab get you the moral equivalent?

-- Luke

v2.23.0 | Report a Bug | By Email