Re: [http-auth] I-D Action: draft-morand-http-digest-2g-aka-03.txt
Yoav Nir <ynir@checkpoint.com> Tue, 03 September 2013 17:39 UTC
Return-Path: <ynir@checkpoint.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12ABD11E8109 for <http-auth@ietfa.amsl.com>; Tue, 3 Sep 2013 10:39:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.632
X-Spam-Level:
X-Spam-Status: No, score=-10.632 tagged_above=-999 required=5 tests=[AWL=-0.033, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P3feIgo4S-PU for <http-auth@ietfa.amsl.com>; Tue, 3 Sep 2013 10:39:40 -0700 (PDT)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id DB60A21F8416 for <http-auth@ietf.org>; Tue, 3 Sep 2013 10:39:39 -0700 (PDT)
Received: from IL-EX10.ad.checkpoint.com ([194.29.34.147]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r83HdOOp007028; Tue, 3 Sep 2013 20:39:24 +0300
X-CheckPoint: {52261ECC-0-1B221DC2-1FFFF}
Received: from DAG-EX10.ad.checkpoint.com ([169.254.3.173]) by IL-EX10.ad.checkpoint.com ([169.254.2.246]) with mapi id 14.02.0347.000; Tue, 3 Sep 2013 20:39:24 +0300
From: Yoav Nir <ynir@checkpoint.com>
To: Sean Turner <turners@ieca.com>
Thread-Topic: [http-auth] I-D Action: draft-morand-http-digest-2g-aka-03.txt
Thread-Index: AQHOqMyGh152b8tjykKxpb1HEatbBQ==
Date: Tue, 03 Sep 2013 17:39:23 +0000
Message-ID: <D4896BEB-F6BA-4712-8345-96CA945020FC@checkpoint.com>
References: <20130121181639.10474.27297.idtracker@ietfa.amsl.com> <5225E5BD.9040306@ieca.com>
In-Reply-To: <5225E5BD.9040306@ieca.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.31.21.200]
x-kse-antivirus-interceptor-info: protection disabled
Content-Type: text/plain; charset="us-ascii"
Content-ID: <4F90C0B19182924CB36A3A04A6441464@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "<http-auth@ietf.org>" <http-auth@ietf.org>
Subject: Re: [http-auth] I-D Action: draft-morand-http-digest-2g-aka-03.txt
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Sep 2013 17:39:45 -0000
Hi Sean, Looking over the discussion in httpbis ([1]), it's not clear to me whether this is documenting existing practice or whether it's proposing a new method. Either way, this method seems specific to a domain, where I believe the author has much more expertise than people in the working group. I am personally fine with it proceeding as an independent submission. I would also be fine with the working group discussing this, but I don't know how much value we could add. Yoav (with no hats) [1] http://lists.w3.org/Archives/Public/ietf-http-wg/2012AprJun/0375.html On Sep 3, 2013, at 4:35 PM, Sean Turner <turners@ieca.com> wrote: > Hi! > > The following draft is currently on the IESG telechat for next week and as part of the process an AD does what's called and "RFC 5742 review", which is basically a check to see if there's been an endrun on the process. This draft has been around for a while and I know it was at least discussed on the httpbis wg mailing list in early '12 (and maybe even earlier), but that was before the httpauth working group was chartered. So I gotta ask: Is this something that the working group should consider adopting? > > spt > -------- Original Message -------- > Subject: I-D Action: draft-morand-http-digest-2g-aka-03.txt > Date: Mon, 21 Jan 2013 10:16:39 -0800 > From: internet-drafts@ietf.org > Reply-To: internet-drafts@ietf.org > To: i-d-announce@ietf.org > > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > > > Title : Hypertext Transfer Protocol (HTTP) Digest Authentication Using GSM 2G Authentication and Key Agreement (AKA) > Author(s) : Lionel Morand > Filename : draft-morand-http-digest-2g-aka-03.txt > Pages : 15 > Date : 2013-01-21 > > Abstract: > This memo specifies a one-time password generation mechanism for > Hypertext Transfer Protocol (HTTP) Digest access authentication based > on Global System for Mobile Communications (GSM) authentication and > key generation functions A3 and A8, also known as GSM AKA or 2G AKA. > The HTTP Authentication Framework includes two authentication > schemes: Basic and Digest. Both schemes employ a shared secret based > mechanism for access authentication. The GSM AKA mechanism performs > user authentication and session key distribution in GSM and Universal > Mobile Telecommunications System (UMTS) networks. GSM AKA is a > challenge-response based mechanism that uses symmetric cryptography. > > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-morand-http-digest-2g-aka > > There's also a htmlized version available at: > http://tools.ietf.org/html/draft-morand-http-digest-2g-aka-03 > > A diff from the previous version is available at: > http://www.ietf.org/rfcdiff?url2=draft-morand-http-digest-2g-aka-03 > > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > I-D-Announce mailing list > I-D-Announce@ietf.org > https://www.ietf.org/mailman/listinfo/i-d-announce > Internet-Draft directories: http://www.ietf.org/shadow.html > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > > > > _______________________________________________ > http-auth mailing list > http-auth@ietf.org > https://www.ietf.org/mailman/listinfo/http-auth
- [http-auth] Fwd: I-D Action: draft-morand-http-di… Sean Turner
- Re: [http-auth] I-D Action: draft-morand-http-dig… Yoav Nir
- Re: [http-auth] I-D Action: draft-morand-http-dig… Yaron Sheffer
- Re: [http-auth] I-D Action: draft-morand-http-dig… lionel.morand
- Re: [http-auth] I-D Action: draft-morand-http-dig… Stephen Farrell
- Re: [http-auth] I-D Action: draft-morand-http-dig… Yaron Sheffer
- Re: [http-auth] I-D Action: draft-morand-http-dig… lionel.morand
- Re: [http-auth] I-D Action: draft-morand-http-dig… lionel.morand