CAT-WG Last-Call: draft-ietf-cat-ftpdsaauth-00.txt
"Linn, John" <jlinn@securitydynamics.com> Wed, 07 January 1998 04:44 UTC
From: "Linn, John" <jlinn@securitydynamics.com>
To: CAT-WG List <cat-ietf@mit.edu>
Subject: CAT-WG Last-Call: draft-ietf-cat-ftpdsaauth-00.txt
Date: Tue, 06 Jan 1998 23:44:38 -0500
X-Message-ID:
Message-ID: <20140418005448.2560.26562.ARCHIVE@ietfa.amsl.com>
CAT/FTPsec fanciers: Per discussion at the DC IETF, this message is to open a CAT-WG Last-Call on draft-ietf-cat-ftpdsaauth-00.txt, "FTP Authentication using DSA", which profiles the use of FTP Security Extensions (RFC-2228) with DSA and SHA-1 algorithms. Please send any discussion or comments on this draft and its prospective recommendation for advancement to Proposed Standard to the CAT-WG list NLT Tuesday, 3 February 1998. Note: Per RFC-2026 ("The Internet Standards Process - Revision 3"), sec. 4.1.1, IESG Proposed Standard advancement decisions require that a document has received significant community review and apparent community interest, and discussion of this draft has so far been relatively quiet. To aid in supporting this document's progression per the RFC-2026 criteria, it would be helpful if readers and reviewers of draft-ietf-cat-ftpdsaauth-00 were to identify themselves to the list during the WG Last-Call even if no comments need be made against the draft's content. Thanks, ... --jl Date: Fri, 09 Jan 1998 08:37:59 -0600 From: Doug Engert <deengert@anl.gov> Reply-To: deengert@anl.gov Organization: Argonne National Laboratory To: Carlisle Adams <carlisle.adams@entrust.com> Cc: cat-ietf@mit.edu Subject: GSSAPI-SPKM Carlisle, Are there any implementations of GSSAPI which implement SPKM - RFC-2025? Either comercial products or source code? Is the Entrust product RFC-2025 compliant? If there are more then one, has there been an interoperability testing? Thanks. -- Douglas E. Engert <DEEngert@anl.gov> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 To: cat-ietf@mit.edu, krb-protocol@mit.edu Subject: Contents of e-data with KDC_ERR_PREAUTH_REQUIRED X-Emacs: 19.34 From: joda@pdc.kth.se (Johan Danielsson) Date: 11 Jan 1998 01:20:41 +0100 Lines: 26 If the client is required to use pre-authentication, what should the KDC return in the e-data field? Suppose I have a database with a list of keys for each principal. Each key corresponds to the same password, but are different because they are used with different crypto-systems, and/or because they are salted differently. What I would like to return is a list of keytype/salt-pairs, but there isn't any documented way to do this. I believe that the MIT KDC uses the PA-ETYPE-INFO padata-type for something similar. I basically want something like this: PA-KEY-INFO ::= SEQUENCE { keytype[1] INTEGER, salttype[2] INTEGER, salt[3] OCTET STRING } Generally, the various structures that has OCTET STRINGs instead of CHOICEs, need better descriptions of the intended use of the `opaque' data. /Johan