Re: [kitten] GSS-API and timeouts

Martin Rex <mrex@sap.com> Wed, 04 April 2012 17:30 UTC

Simon Josefsson wrote:
> 
> When implementing the GSS-API part of OPENID20/SAML20 I noticed that the
> processes can hang waiting for a long time.  Server may want to wait one
> minute or more to allow a user to finish the IdP authentication.

What kind of waiting are you thinking of here?

Isn't this waiting for the initiator to send outstanding context tokens,
which by itself is asynchronous, rather than the server blocking on
a gss_accept_sec_context() call?

-Martin