Re: [kitten] CB data characteristics Re: Fw: New Version Notification for draft-mills-kitten-sasl-oauth-02

Nico Williams <nico@cryptonector.com> Sat, 09 April 2011 08:02 UTC


On Apr 9, 2011 2:27 AM, "William J. Mills" <wmills@yahoo-inc.com> wrote:
>
> So, I think the way to go in this mechanism is to send the channel binding
> type identifier and a SHA-1 hash of the channel binding data.  If the CB
> data is short I suppose we could optimise it, but I like simple for this.

Uh, so I did tell you one thing wrong earlier: CB data will generally be
small.  The TLS CB types are small...  If you assume they'll be small then
you can dispense with the hash and any hash algorithm agility issues.  Sorry
about that!

Nico
--