RE: [http-auth] Gen-ART and OPS-Dir review of draft-ietf-httpauth-hoba-08

"Black, David" <david.black@emc.com> Sat, 27 December 2014 16:52 UTC

From: "Black, David" <david.black@emc.com>
To: Julian Reschke <julian.reschke@gmx.de>, "stephen.farrell@cs.tcd.ie" <stephen.farrell@cs.tcd.ie>, "paul.hoffman@vpnc.org" <paul.hoffman@vpnc.org>, "mike@phresheez.com" <mike@phresheez.com>, "General Area Review Team (gen-art@ietf.org)" <gen-art@ietf.org>, "ops-dir@ietf.org" <ops-dir@ietf.org>
Subject: RE: [http-auth] Gen-ART and OPS-Dir review of draft-ietf-httpauth-hoba-08
Date: Sat, 27 Dec 2014 16:51:57 +0000

> -----Original Message-----
> From: Julian Reschke [mailto:julian.reschke@gmx.de]
> Sent: Saturday, December 27, 2014 5:12 AM
> To: Black, David; stephen.farrell@cs.tcd.ie; paul.hoffman@vpnc.org;
> mike@phresheez.com; General Area Review Team (gen-art@ietf.org);
> ops-dir@ietf.org
> Cc: http-auth@ietf.org; ietf@ietf.org
> Subject: Re: [http-auth] Gen-ART and OPS-Dir review of
> draft-ietf-httpauth-hoba-08
> 
> On 2014-12-27 04:15, Black, David wrote:
> > The -08 draft addresses all of the important issues in the combined Gen-ART
> > and OPS-Dir review of the -07 version, and is a definite improvement over
> > its -07 version.
> >
> > Based on discussion of item [5], there are a couple of remaining editorial
> > nits in Section 5.3:
> >
> >     During the authentication phase, if the server cannot determine the
> >     correct CPK, it could use HTML and JavaScript to ask the user if they
> >     are really a new user or want to associate this new CPK with another
> >     CPK.  The server can then use some out-of-band method (such as a
> >
> > "can" -> "should"
> >
> >     confirmation email round trip, SMS, or an UA that is already
> >     enrolled) to verify that the "new" user is the same as the already-
> >     enrolled one.  Thus, logging in on a new user agent is identical to
> >     logging in with an existing account.
> >
> >     If the server does not recognize the CPK the server might send the
> >     client through a either a join or login-new-UA (see below) process.
> >
> > "might" -> "should"
> >
> > I agree w/the draft editor that these are matters of editorial taste.
> >
> > Thanks,
> > --David
> 
> For the record: I strongly disagree with the proposal to insert
> lower-cased BCP 14 keywords.
> 
> 
> Best regards, Julian

If the keyword itself is a concern, "ought to" is an alternative that has
been used in the past.

Thanks, --David