Re: Last Call: draft-ietf-sasl-gs2 (Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family) to Proposed Standard
Simon Josefsson <simon@josefsson.org> Fri, 30 October 2009 07:31 UTC
From: Simon Josefsson <simon@josefsson.org>
To: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Fri, 30 Oct 2009 08:31:50 +0100
Cc: ietf@ietf.org, sasl@ietf.org

Alexey Melnikov <alexey.melnikov@isode.com> writes:

> The IESG wrote:
>
>> The IESG has received a request from the Simple Authentication and
>> Security Layer WG (sasl) to consider the following document:
>>
>> - 'Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family '
>>   <draft-ietf-sasl-gs2-17.txt> as a Proposed Standard
>>
>> The IESG plans to make a decision in the next few weeks, and solicits
>> final comments on this action. Please send substantive comments to the
>> ietf@ietf.org mailing lists by 2009-11-18. Exceptionally, comments
>> may be sent to iesg@ietf.org instead. In either case, please retain
>> the beginning of the Subject line to allow automated sorting.
>>
>
> I would like to suggest a clarification to the IANA registration for
> GS2-* family of SASL mechanisms:
>
> In Section 15, 3rd paragraph:
>
> OLD:
>   The IANA is advised that SASL mechanism names starting with "GS2-"
>   are reserved for SASL mechanisms which conform to this document. The
>   IANA is directed to place a statement to that effect in the sasl-
>   mechanisms registry.
>
> NEW:
>   The IANA is advised that SASL mechanism names starting with "GS2-"
>   are reserved for SASL mechanisms which conform to this document. The
>   IANA is directed to place a statement to that effect in the sasl-
>   mechanisms registry. With the exception of "GS2-KRB5" and
>   "GS2-KRB5-PLUS" (registered later in this section), all other
>   mechanism names in this family are constructed as defined in
>   section 3.1.
>
> Opinions?

This forces future GSS-API mechanisms that provide a SASL mechanism name
to use a SASL name outside of the GS2-* prefix. Was that your
intention? I thought it would be nice to allow a future GSS-API
mechanism, called say FOOBAR, to be able to register the SASL mechanism
name GS2-FOOBAR. But having them register FOOBAR instead is of course
fine too.

I'm fine with adding the text if this situation was what you intended.

/Simon