Re: [abfab] Last Call: <draft-ietf-abfab-gss-eap-08.txt> (A GSS-API Mechanism for the Extensible Authentication Protocol) to Proposed Standard
Sam Hartman <hartmans-ietf@mit.edu> Tue, 26 June 2012 19:14 UTC
Return-Path: <hartmans@mit.edu>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4B4611E809F; Tue, 26 Jun 2012 12:14:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.161
X-Spam-Level:
X-Spam-Status: No, score=-104.161 tagged_above=-999 required=5 tests=[AWL=-1.896, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 03BizKd24iQn; Tue, 26 Jun 2012 12:14:51 -0700 (PDT)
Received: from permutation-city.suchdamage.org (permutation-city.suchdamage.org [69.25.196.28]) by ietfa.amsl.com (Postfix) with ESMTP id 5419811E809C; Tue, 26 Jun 2012 12:14:51 -0700 (PDT)
Received: from carter-zimmerman.suchdamage.org (carter-zimmerman.suchdamage.org [69.25.196.178]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.suchdamage.org (Postfix) with ESMTPS id AC551202D8; Tue, 26 Jun 2012 15:14:16 -0400 (EDT)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id C78ED41EF; Tue, 26 Jun 2012 15:14:35 -0400 (EDT)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: ietf@ietf.org
Subject: Re: [abfab] Last Call: <draft-ietf-abfab-gss-eap-08.txt> (A GSS-API Mechanism for the Extensible Authentication Protocol) to Proposed Standard
References: <20120626165832.6142.66386.idtracker@ietfa.amsl.com>
Date: Tue, 26 Jun 2012 15:14:35 -0400
In-Reply-To: <20120626165832.6142.66386.idtracker@ietfa.amsl.com> (The IESG's message of "Tue, 26 Jun 2012 09:58:32 -0700")
Message-ID: <tslk3yt6g2s.fsf@mit.edu>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: abfab@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jun 2012 19:14:52 -0000
EAP (RFC 3748) has a applicability statement scoped very strictly to network access. This document provides a mechanism that falls well outside that applicability statement and permits the use of EAP for general application authentication. When ABFAB was chartered, there was a charter item to update the EAP applicability statement. I think A number of people in the room at the BOF, including myself, would have objected to the work being chartered had that charter item not been present. I think that work is important because I believe there are a number of important concerns that apply to the use of EAP for authentication beyond network access that need to be documented. Unfortunately, the technical specification has gotten ahead of the applicability statement update. I'm OK with that provided that we're still firmly committed to an applicability statement update. As part of approving this document now, I want to confirm that we have consensus at least within the ABFAB working group and the IESG to do that update. If there is any doubt I'd far prefer that this document be held until the applicability statement catches up. --Sam
- Re: [abfab] Last Call: <draft-ietf-abfab-gss-eap-… Sam Hartman
- Re: [abfab] Last Call: <draft-ietf-abfab-gss-eap-… Stephen Farrell
- Re: [abfab] Last Call: <draft-ietf-abfab-gss-eap-… Sam Hartman
- Re: [abfab] Last Call: <draft-ietf-abfab-gss-eap-… Leif Johansson