Re: Fourth Last Call: draft-housley-tls-authz-extns
Simon Josefsson <simon@josefsson.org> Fri, 16 January 2009 22:37 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 708C13A695E; Fri, 16 Jan 2009 14:37:20 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0697B3A695E for <ietf@core3.amsl.com>; Fri, 16 Jan 2009 14:37:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.593
X-Spam-Level:
X-Spam-Status: No, score=-2.593 tagged_above=-999 required=5 tests=[AWL=0.006, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KMVGBFBqWfPY for <ietf@core3.amsl.com>; Fri, 16 Jan 2009 14:37:19 -0800 (PST)
Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by core3.amsl.com (Postfix) with ESMTP id C454B3A689D for <ietf@ietf.org>; Fri, 16 Jan 2009 14:37:17 -0800 (PST)
Received: from c80-216-29-127.bredband.comhem.se ([80.216.29.127] helo=mocca.josefsson.org) by yxa-v.extundo.com with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.69) (envelope-from <simon@josefsson.org>) id 1LNxJB-0004AN-V1; Fri, 16 Jan 2009 23:36:58 +0100
From: Simon Josefsson <simon@josefsson.org>
To: Russ Housley <housley@vigilsec.com>
Subject: Re: Fourth Last Call: draft-housley-tls-authz-extns
References: <20090114161820.BFA4228C1BB@core3.amsl.com> <20090115013244.GA20394@redoubt.spodhuis.org> <20090115162240.3DEC23A67F1@core3.amsl.com> <87d4eofqaa.fsf@mocca.josefsson.org> <20090115195434.DE00A3A6A35@core3.amsl.com> <87iqofd0cy.fsf@mocca.josefsson.org> <20090116155538.B173128C0FF@core3.amsl.com>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:090116:ietf@ietf.org::ayXkRBBPedbW1RSJ:Hvy9
X-Hashcash: 1:22:090116:housley@vigilsec.com::VynBOSj2xX8RguT+:Inb7
Date: Fri, 16 Jan 2009 23:36:57 +0100
In-Reply-To: <20090116155538.B173128C0FF@core3.amsl.com> (Russ Housley's message of "Fri, 16 Jan 2009 10:44:18 -0500")
Message-ID: <87ljtaanee.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.60 (gnu/linux)
MIME-Version: 1.0
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
Russ Housley <housley@vigilsec.com> writes: > EXAMPLE > > Clearance may be the easiest one. For simplicity, let's assume that > the client are server already have X.509 identity certificates. > Assume the server is operated by the military, and it includes some > information that its wants to share with the public, perhaps > recruiting data, and information that is available to anyone that has > a clearance. This latter information is released to any client that > presents a valid attribute certificate that is bound to the X.509 > identity certificate used in client authentication and issued by any > of the military branches that demonstrates that the client holds a > clearance. It seems to me that the authorization data passed in this way can be used to "locate" an agreement, i.e., the legally binding document that approve a certain individual for some clearance level. The 1026 patent disclaimer text suggests this mode would be covered by their patent application. So I don't follow how that would be an example of an unencumbered way to use the protocol? However, this is mostly a legal decision, to evaluate the risks to get sued by implementing the technology, so I'll defer until I understand what a lawyer thinks about the new situation. /Simon _______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Bernard Aboba
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Sam Hartman
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Peter Sylvester
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Tim Polk
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Sam Hartman
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Phil Pennock
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Peter Sylvester
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Russ Housley
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- RE: Fourth Last Call: draft-housley-tls-authz-ext… Josh Howlett
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Simon Josefsson
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Sean Foy
- Re: Fourth Last Call: draft-housley-tls-authz-ext… SM
- RE: Fourth Last Call: draft-housley-tls-authz-ext… Bernard Aboba
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Pablo 'merKur' Kohan
- RE: Fourth Last Call: draft-housley-tls-authz-ext… Robert Schott
- Re: Fourth Last Call: draft-housley-tls-authz-ext… Joachim Achtzehnter