RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

"Kemp, David P." <DPKemp@missi.ncsc.mil> Fri, 13 February 2009 14:07 UTC

To: tls@ietf.org, ietf@ietf.org

Sam,

Is your suggestion that there is a better existing working group, or to
establish one through the BOF process?  We are interested both in
leveraging at the application layer an authentication context
established by TLS between A and B (as opposed to relying on an SSO
assertion from C to B that C has authenticated A), and in carrying A's
authorization-related attributes (pre-signed by C) within that context.

I was aware of this discussion only because it came to TLS, and would
welcome a pointer to the right forum.



-----Original Message-----
From: Sam Hartman
Sent: Thursday, February 12, 2009 5:40 PM
To: Josh Howlett
Cc: Hannes Tschofenig; tls@ietf.org; ietf@ietf.org
Subject: Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

[...]

For these reasons I support the publication of a standard in this
space.  I don't object to this work going to the TLS working group
provided that 
1) it is within their current charter
2) They commit to do the work and have sufficient energy to move it
forward quickly.

I do object to moving the discussion of whether to solve this problem
to the TLS working group.  I don't think that is the right forum: the
TLS working group does not collect the people who would
benefit from this work.