Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD review comments
Jeffrey Hutzelman <jhutz@cmu.edu> Wed, 10 October 2007 15:16 UTC
Return-path: <channel-binding-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IfdIR-0003Hq-Fb; Wed, 10 Oct 2007 11:16:27 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IfdIP-0003Hl-W9 for channel-binding@ietf.org; Wed, 10 Oct 2007 11:16:25 -0400
Received: from minbar.fac.cs.cmu.edu ([128.2.185.161]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IfdIJ-00056q-Ro for channel-binding@ietf.org; Wed, 10 Oct 2007 11:16:25 -0400
Received: from minbar.fac.cs.cmu.edu ([127.0.0.1]) by minbar.fac.cs.cmu.edu id aa08085; 10 Oct 2007 11:16 EDT
Date: Wed, 10 Oct 2007 11:16:00 -0400
From: Jeffrey Hutzelman <jhutz@cmu.edu>
X-X-Sender: <jhutz@minbar.fac.cs.cmu.edu>
To: Nicolas Williams <Nicolas.Williams@sun.com>
Subject: Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD review comments
In-Reply-To: <20071010143650.GT24532@Sun.COM>
Message-ID: <Pine.LNX.4.33L.0710101106010.5381-100000@minbar.fac.cs.cmu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: a7d6aff76b15f3f56fcb94490e1052e4
Cc: ietf-sasl@imc.org, channel-binding@ietf.org, Sam Hartman <hartmans-ietf@mit.edu>
X-BeenThere: channel-binding@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussion of channel binding IANA registry requests and specifications <channel-binding.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/channel-binding>, <mailto:channel-binding-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/channel-binding>
List-Post: <mailto:channel-binding@ietf.org>
List-Help: <mailto:channel-binding-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/channel-binding>, <mailto:channel-binding-request@ietf.org?subject=subscribe>
Errors-To: channel-binding-bounces@ietf.org
On Wed, 10 Oct 2007, Nicolas Williams wrote: > The more I think about the who's-responsible-for-prefixing issue the > more I realize that the I-D shouldn't speak to that issue. I could see > an operating system where all channels report channel bindings with the > prefix already included, another where only some do, and another where > none do -- but in all cases the applications can deal and interop > provided that the applications know which channels include the prefix > when and which don't. Again, I don't care what the operating system or the library does. Of course the document should not speak to that; focusing on API issues rather than protocol issues misses the point, which is that independent implementations be able to interoperate. What I _do_ care about is that it's clear in every case what the bits are supposed to look like on the wire and what the application protocol specification is responsible for doing. If the application protocol is supposed to provide a single slot which will contain the prefix followed by the channel binding data, then say so, and specify exactly how they are combined. If the application protocol is responsible for separately transporting the prefix and channel binding data, then say _that_, and make it clear that you need integrity protection for both. Otherwise you're going to get into a situation where the base document expects the app to transport the two elements separately, but the author of an application protocol thinks he only gets one blob which contains both, and then you have a mess because implementors don't know what to do with the prefix (ignore it? prepend it to the data? how?) and either nothing interoperates or you end up with an application protocol that you can't implement correctly without making undocumented assumptions. BTW, an environment in which some channels report data without a prefix, others report it with the prefix followed by ':', and still others report it with the prefix followed by NUL is about the worst thing I can think of. Anyone actually designing an API for this should define a consistent way of doing it. _______________________________________________ CHANNEL-BINDING mailing list CHANNEL-BINDING@ietf.org https://www1.ietf.org/mailman/listinfo/channel-binding
- [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD revi… Sam Hartman
- [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD revi… Simon Josefsson
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD revi… Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD revi… Simon Josefsson
- [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD revi… Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Simon Josefsson
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Simon Josefsson
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Simon Josefsson
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Nicolas Williams
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Alexey Melnikov
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Simon Josefsson
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Sam Hartman
- Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD … Jeffrey Hutzelman