Re: [CHANNEL-BINDING] Re: draft-ietf-sasl-gs2 AD review comments

Nicolas Williams <Nicolas.Williams@sun.com> Tue, 09 October 2007 21:25 UTC

On Tue, Oct 09, 2007 at 05:15:28PM -0400, Sam Hartman wrote:
>     Nicolas> In any case, I don't think the channel
>     Nicolas> providing the bindings should be providing the prefix.
> 
> I don't see why this is true.  I'm with Nico; could go either way.

Heh!

OK, let's decide either way, shall we?  Because in some cases apps will
be responsible for constructing the channel binding in the first place,
and to minimize API impact on secure channels, I'd rather make the app
responsible for adding the prefix.

The primary consequence of doing so is: apps must know what type of
channel they are binding to, and if they don't know then the implication
is that some channel abstraction layer exists which does know and can be
made responsible for adding the prefix.
