[Dime] SASL over Diameter: AVP Codes inquiry
Rick van Rein <rick@openfortress.nl> Fri, 28 January 2022 20:11 UTC
Date: Fri, 28 Jan 2022 20:11:29 +0000
From: Rick van Rein <rick@openfortress.nl>
To: Diameter Maint/Ext <dime@ietf.org>
Cc: Henri Manson <dev+henri@arpa2.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dime/NlaPj5MGPNf6YQZKNHH5FyaX30w>

Hello DiMe,

The attached Internet Draft is an extension to Diameter to make it relay SASL authentication requests. This is intended to run between independently operated domains, so we plan to ask IANA to register the AVP Codes.

Before we file this request, please let us know if you have any concerns about or feedback on the specification. These are AVPs for the NAS application, and they are not Mandatory.

   This specification defines three AVP Codes for use with Diameter.
   IANA is requested to register the following AVP Codes for them in
   the "Authentication, Authorization, and Accounting (AAA) Parameters"
   registry:

   AVP Code | Attribute Name       | Reference
   ---------+----------------------+------------
   TBD0     | SASL-Mechanism       | (this spec)
   TBD1     | SASL-Token           | (this spec)
   TBD2     | SASL-Channel-Binding | (this spec)

Thanks,

Rick van Rein, Henri Manson

A new version of I-D, draft-vanrein-diameter-sasl-06.txt has been successfully submitted by Rick van Rein and posted to the IETF repository.

Name:           draft-vanrein-diameter-sasl
Revision:       06
Title:          Realm Crossover for SASL and GSS-API via Diameter
Document date:  2022-01-28
Group:          Individual Submission
Pages:          23
URL:            https://www.ietf.org/archive/id/draft-vanrein-diameter-sasl-06.txt
Status:         https://datatracker.ietf.org/doc/draft-vanrein-diameter-sasl/
Htmlized:       https://datatracker.ietf.org/doc/html/draft-vanrein-diameter-sasl
Diff:           https://www.ietf.org/rfcdiff?url2=draft-vanrein-diameter-sasl-06

Abstract:
   SASL and GSS-API are used for authentication in many application
   protocols. This specification extends them to allow credentials of
   an identity domain to be used against external services. To this
   end, it introduces end-to-end encryption for SASL that is safe to
   relay through a foreign server.