Re: [jose] #161 Password Considerations - Proposed Text

"Matt Miller (mamille2)" <mamille2@cisco.com> Mon, 11 November 2013 16:21 UTC

From: "Matt Miller (mamille2)" <mamille2@cisco.com>
To: Mike Jones <Michael.Jones@microsoft.com>
Date: Mon, 11 Nov 2013 16:21:03 +0000
Cc: Jim Schaad <ietf@augustcellars.com>, "Manger, James H" <James.H.Manger@team.telstra.com>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] #161 Password Considerations - Proposed Text

The document draft-ietf-precis-saslprepbis completed a WG LC a few weeks ago, but went through a fair amount of changes recently.  A discussion with some Kitten WG folk is pending to make sure their concerns are addressed.  It might go through another WG LC.  The foundational documents for PRECIS (draft-ietf-precis-framework and draft-ietf-precis-mappings) completed WG LC; the consensus was that precis-framework is ready for IETF LC, but precis-mapping might not be (each has a normative reference to the other, and saslprepbis has a normative reference to precis-framework).


- m&m

Matt Miller < mamille2@cisco.com >
Cisco Systems, Inc.

On Nov 10, 2013, at 9:00 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> I'm OK with the MUST.  But can anyone give us a status update on draft-ietf-precis-saslprepbis?  It doesn't appear to be in the RFC Editor queue.  I'm worried that if we make a normative reference, JWA will be held up in the RFC Editor queue on a reference, just like draft-ietf-appsawg-acct-uri is currently held up in the RFC Editor queue on a reference to draft-ietf-precis-framework, which has not yet been received by the RFC Editor.
> 
> 				-- Mike
> 
> -----Original Message-----
> From: Jim Schaad [mailto:ietf@augustcellars.com] 
> Sent: Sunday, November 10, 2013 6:48 PM
> To: 'Manger, James H'; Mike Jones; 'Matt Miller (mamille2)'; jose@ietf.org
> Subject: RE: [jose] #161 Password Considerations - Proposed Text
> 
> 
> 
>> -----Original Message-----
>> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf 
>> Of Manger, James H
>> Sent: Sunday, November 10, 2013 4:36 PM
>> To: Mike Jones; Matt Miller (mamille2); <jose@ietf.org>
>> Subject: Re: [jose] #161 Password Considerations - Proposed Text
>> 
>>> ----------
>>> From: Mike Jones [mailto:Michael.Jones@microsoft.com]
>>> 
>>> I believe that the following text addresses the encoding issue that 
>>> James raised:
>>> 
>>> 	  The PBES2 password input is an octet sequence;
>>> 	  if the password to be used is represented as a text string
>>> 	  rather than an octet sequence, the UTF-8 encoding of the text string
>>> 	  SHOULD be used as the octet sequence.
>>> 
>>> If you'd like to see any changes made to it, please propose specific 
>>> edits.
>>> 
>>> (The SASLPREP text is already present in the Internationalization 
>>> Considerations section.)
>>> 
>>> 				Thanks,
>>> 				-- Mike
>> 
>> 
>> At least change SHOULD to MUST.
> 
> If it is not changed then there needs to be a lot of description about why this is not a MUST.  If this is the case then it would be logical that two different implementations could make different decisions and never interoperate.
> 
> I would say that we should make a normative reference to the draft-melnikov-precis-saslprepbis as well.  If not then we will probably get hit by the ADs.
> 
> Jim
> 
>> 
>> --
>> James Manger
>
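
The interoperability concern discussed in this thread, as an added example that is not part of the original messages: the same text password turned into octets under different encodings or Unicode normalization forms yields unrelated PBKDF2 keys. The salt, iteration count, key length and sample passwords are constructed, and the normalization form stands in for the string-preparation step.

```python
import hashlib
import unicodedata

SALT = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample salt
ITERATIONS = 4096                                          # constructed sample count
KEY_LEN = 16                                               # 128-bit derived key


def password_octets(text, encoding, form):
    """Turn a text password into the octet sequence the KDF consumes."""
    return unicodedata.normalize(form, text).encode(encoding)


def derive_key(octets):
    """PBKDF2-HMAC-SHA256 over the password octet sequence."""
    return hashlib.pbkdf2_hmac("sha256", octets, SALT, ITERATIONS, KEY_LEN)


def interop_matrix(text):
    """Derive a key for each choice an implementation might make
    when the specification leaves the text-to-octets step open."""
    choices = [
        ("utf-8", "NFC"),      # the encoding the proposed text names
        ("utf-8", "NFD"),      # same encoding, unprepared decomposed input
        ("utf-16-le", "NFC"),  # a platform-native string encoding
        ("latin-1", "NFC"),    # a legacy single-byte encoding
    ]
    return {
        f"{enc}/{form}": derive_key(password_octets(text, enc, form)).hex()
        for enc, form in choices
    }


def distinct_keys(text):
    """Number of mutually incompatible keys produced for one password."""
    return len(set(interop_matrix(text).values()))


if __name__ == "__main__":
    for pw in ("correct horse", "caf\u00e9 s\u00e9same"):  # constructed passwords
        print(repr(pw), "->", distinct_keys(pw), "distinct keys")
        for choice, key in interop_matrix(pw).items():
            print(f"  {choice:14} {key}")
```

An ASCII-only password hides the problem for every choice except UTF-16, which is why a mismatch can pass testing and only fail once a user picks a non-ASCII password.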