RE: [dix] DRAFT: WAE BOF minutes

"Hallam-Baker, Phillip" <pbaker@verisign.com> Tue, 18 July 2006 13:46 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G2ptu-0004ba-Vl; Tue, 18 Jul 2006 09:46:14 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G2ptt-0004bV-HG for dix@ietf.org; Tue, 18 Jul 2006 09:46:13 -0400
Received: from colibri.verisign.com ([65.205.251.74]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G2pts-0001lX-5p for dix@ietf.org; Tue, 18 Jul 2006 09:46:13 -0400
Received: from MOU1WNEXCN03.vcorp.ad.vrsn.com (mailer6.verisign.com [65.205.251.33]) by colibri.verisign.com (8.13.6/8.13.4) with ESMTP id k6IDkBfS016222 for <dix@ietf.org>; Tue, 18 Jul 2006 06:46:11 -0700
Received: from MOU1WNEXMB04.vcorp.ad.vrsn.com ([10.25.13.157]) by MOU1WNEXCN03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 18 Jul 2006 06:46:11 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [dix] DRAFT: WAE BOF minutes
Date: Tue, 18 Jul 2006 06:46:06 -0700
Message-ID: <198A730C2044DE4A96749D13E167AD37BD6557@MOU1WNEXMB04.vcorp.ad.vrsn.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [dix] DRAFT: WAE BOF minutes
Thread-Index: Acaqac/EYNGazAJ5RTu04tEemyz4ngABaltg
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: Digital Identity Exchange <dix@ietf.org>
X-OriginalArrivalTime: 18 Jul 2006 13:46:11.0136 (UTC) FILETIME=[8766D400:01C6AA70]
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 97adf591118a232206bdb5a27b217034
X-BeenThere: dix@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Digital Identity Exchange <dix@ietf.org>
List-Id: Digital Identity Exchange <dix.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dix>
List-Post: <mailto:dix@ietf.org>
List-Help: <mailto:dix-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=subscribe>
Errors-To: dix-bounces@ietf.org

Only comment I remember in the BOF itself was EKR pointing out that the underlying aim of SASL is essentially broken, I guess that also applies to GSSAPI. Options in crypto specs are usually bad.

A distinction needs to be made between the authentication mechanism and the authentication protocol. Given an authentication mechanism such as a password, a public key, a biometric there should ideally be one protocol that supports that mechanism.

Having six different algorithms to support password exchange is broken. Six different protocols is worse.

The point of a standards process is not what you put into the spec, its what you leave out.


> -----Original Message-----
> From: Nicolas Williams [mailto:Nicolas.Williams@sun.com] 
> Sent: Tuesday, July 18, 2006 8:58 AM
> To: Digital Identity Exchange
> Subject: Re: [dix] DRAFT: WAE BOF minutes
> 
> On Sat, Jul 15, 2006 at 08:23:46PM +0200, Eliot Lear wrote:
> > Throughout the entire BoF there was a side conversation of 
> SASL v. GSS.
> 
> Mostly in the jabber room though...
> 
> _______________________________________________
> dix mailing list
> dix@ietf.org
> https://www1.ietf.org/mailman/listinfo/dix
> 
> 

_______________________________________________
dix mailing list
dix@ietf.org
https://www1.ietf.org/mailman/listinfo/dix