Re: [kitten] WGLC for three "bis" documents: draft-ietf-kitten-rfc4402bis-00, draft-ietf-kitten-rfc5653bis-01, draft-ietf-kitten-rfc6112bis-00

Greg Hudson <ghudson@mit.edu> Thu, 05 February 2015 07:17 UTC

Message-ID: <54D3190D.8080003@mit.edu>
Date: Thu, 05 Feb 2015 02:17:33 -0500
From: Greg Hudson <ghudson@mit.edu>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: Weijun Wang <weijun.wang@oracle.com>, Benjamin Kaduk <kaduk@mit.edu>, kitten@ietf.org
References: <alpine.GSO.1.10.1501201753140.23489@multics.mit.edu> <54CE9F5B.9070808@mit.edu> <54CEE8E5.5080701@oracle.com> <54D2FCD5.6060404@oracle.com>
In-Reply-To: <54D2FCD5.6060404@oracle.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/4nFn5DnROyyNjJhW4_SRbf-l2nk>

On 02/05/2015 12:17 AM, Weijun Wang wrote:
> On 2/2/2015 11:03, Weijun Wang wrote:
>>>> http://tools.ietf.org/html/draft-ietf-kitten-rfc5653bis-01
>>>
>>> My only substantive note is that the InputStream/OutputStream forms of
>>> initSecContext/acceptSecContext could, perhaps, already write tokens to
>>> the outStream parameter before throwing an exception, instead of
>>> communicating them in the exception.  If this issue has already been
>>> discussed, please ignore this remark.  If not, I suspect it might be
>>> easier on callers (but perhaps harder on implementations) just to
>>> require that callers flush or otherwise handle content in the output
>>> stream after an exception.  I do not have a strong interest in how this
>>> turns out, though.
>>
>> The main reason I preferred the current design is to be consistent with
>> the byte array forms of the methods, which gives the caller the chance
>> to determine whether the error token should be sent or not.
> 
> Are you OK with this reason?

As I said, I don't have a strong opinion either way, but I'm not sure
why it would be important or useful to give the caller a chance to
decline to send an error token.