RE: Gen-ART review of draft-ietf-krb-wg-otp-preauth-18

<gareth.richards@rsa.com> Fri, 26 August 2011 15:57 UTC

From: gareth.richards@rsa.com
To: simon@josefsson.org
Date: Fri, 26 Aug 2011 11:58:55 -0400
Subject: RE: Gen-ART review of draft-ietf-krb-wg-otp-preauth-18
Cc: gen-art@ietf.org, david.black@emc.com, hartmans-ietf@mit.edu, ietf-krb-wg@lists.anl.gov, ietf@ietf.org

Could we add a URI list to draft-lha-krb-wg-some-numbers-to-iana?

>
> > Some form of identifier will be required for the otp-algID in the
> > PA-OTP-CHALLENGE and the PA-OTP-REQUEST and from what I remember about
> > when this was first discussed, it was agreed that it would make sense
> > to use the registry of identifiers already being established for PSKC
> > rather than produce a duplicate one.  My assumption was that a
> > registry would be required to ensure that the URIs were unique.
> >
>
> I think a separate registry is needed, RFC 6030 requires several things
> from a profile that shouldn't be required in order to support Kerberos
> OTP.  See below.
>
> /Simon
>
> 12.4.  PSKC Algorithm Profile Registry
>
>    IANA has created a registry for PSKC algorithm profiles in accordance
>    with the principles set out in RFC 5226 [RFC5226].
>
>    As part of this registry, IANA maintains the following information:
>
>    Common Name:  The name by which the PSKC algorithm profile is
>       generally referred.
>
>    Class:  The type of PSKC algorithm profile registry entry being
>       created, such as encryption, Message Authentication Code (MAC),
>       One-Time Password (OTP), Digest.
>
>    URI:  The URI to be used to identify the profile.
>
>    Identifier Definition:  IANA will add a pointer to the specification
>       containing information about the PSKC algorithm profile
>       registration.
>
>    Algorithm Definition:  A reference to the stable document in which
>       the algorithm being used with the PSKC is defined.
>
>    Registrant Contact:  Contact information about the party submitting
>       the registration request.
>
>    Deprecated:  TRUE if this entry has been deprecated based on expert
>       approval and SHOULD not be used in any new implementations.
>       Otherwise, FALSE.
>
>    PSKC Profiling:  Information about PSKC XML elements and attributes
>       being used (or not) with this specific profile of PSKC.
>
>    PSKC algorithm profile identifier registrations are to be subject to
>    Specification Required as per RFC 5226 [RFC5226].  Updates can be
>    provided based on expert approval only.  Based on expert approval, it
>    is possible to mark entries as "deprecated".  A designated expert
>    will be appointed by the IESG.
>
>    IANA has added two initial values to the registry based on the
>    algorithm profiles described in Section 10.