Re: [kitten] Updating IANA krb5 GSSAPI token type registry
Sam Hartman <hartmans-ietf@mit.edu> Thu, 06 March 2014 10:20 UTC
Return-Path: <hartmans@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39B221A022F for <kitten@ietfa.amsl.com>; Thu, 6 Mar 2014 02:20:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pl26XVLr4ZvC for <kitten@ietfa.amsl.com>; Thu, 6 Mar 2014 02:20:29 -0800 (PST)
Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) by ietfa.amsl.com (Postfix) with ESMTP id E87091A0220 for <kitten@ietf.org>; Thu, 6 Mar 2014 02:20:28 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 39643206AA; Thu, 6 Mar 2014 05:15:55 -0500 (EST)
Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WvWZGnC_JWSX; Thu, 6 Mar 2014 05:15:55 -0500 (EST)
Received: from carter-zimmerman.suchdamage.org (unknown [130.129.155.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.painless-security.com (Postfix) with ESMTPS; Thu, 6 Mar 2014 05:15:51 -0500 (EST)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id F40FB83F8E; Thu, 6 Mar 2014 05:20:19 -0500 (EST)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: Benjamin Kaduk <kaduk@MIT.EDU>
References: <20130806223553.CD3401A8EC@ld9781.wdf.sap.corp> <29F4D66E-3E8F-4033-8779-8EA158C1B72A@padl.com> <alpine.GSO.1.10.1308062018070.24720@multics.mit.edu> <alpine.GSO.1.10.1309041148130.16692@multics.mit.edu> <alpine.GSO.1.10.1403041135510.1213@multics.mit.edu> <tslzjl4ohbn.fsf@mit.edu> <1394031556.4290.53.camel@destiny.pc.cs.cmu.edu> <5317BD6E.6080309@oracle.com> <alpine.GSO.1.10.1403051916110.1213@multics.mit.edu>
Date: Thu, 06 Mar 2014 05:20:19 -0500
In-Reply-To: <alpine.GSO.1.10.1403051916110.1213@multics.mit.edu> (Benjamin Kaduk's message of "Wed, 5 Mar 2014 19:41:20 -0500 (EST)")
Message-ID: <tslpplzvdb0.fsf@mit.edu>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/4yCoWrrtJOaXDNCmLhw4y0Utt-g
Cc: kitten@ietf.org
Subject: Re: [kitten] Updating IANA krb5 GSSAPI token type registry
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Mar 2014 10:20:30 -0000
So, my understanding of the situation is that we have an implementation that has chosen to ship code prior to completion of a spec in two instances. 1) CFX. In that instance, the spec evolved differently than anticipated and no longer standardizes the behavior MIT implements. 2) Iakerb. There, we still expect that the spec will use the same value as MIT. In the CFX case, I don't actually see any significant harm that would result if we were to assign the codepoint MIT uses to something else. It would be bad if we assigned that codepoint to some token other than a context deletion token intended to be passed into gss_process_context_token. However, there are no such tokens and there are no extensions under discussion that would create such tokens. In general, when you ship a draft, you take on responsibility for dealing if the IETF process doesn't go the way you anticipate. Doing that is part of doing business; it's definitely the case that there are times when you end up shipping based on drafts. I'm aware of the iakerb issue, and if iakerb moves forward at a reasonable speed, I'll certainly keep its assignment preference in mind when reviewing other allocations. IANA expert decisions can be appealed; you'd first file an appeal with me, and then I'm not sure whether it goes to the IESG as a whole or the security AD.
- [kitten] I-D Action: draft-ietf-kitten-iakerb-00.… internet-drafts
- Re: [kitten] I-D Action: draft-ietf-kitten-iakerb… Benjamin Kaduk
- [kitten] Updating IANA krb5 GSSAPI token type reg… Benjamin Kaduk
- Re: [kitten] I-D Action: draft-ietf-kitten-iakerb… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Tom Yu
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Martin Rex
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Luke Howard
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Martin Rex
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Luke Howard
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Simo Sorce
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Jeffrey Hutzelman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Martin Rex
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Simo Sorce
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Sam Hartman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Jeffrey Hutzelman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Shawn M Emery
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Sam Hartman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Jeffrey Hutzelman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Sam Hartman