Re: [kitten] Critical authorization data in Kerberos

Benjamin Kaduk <kaduk@MIT.EDU> Fri, 22 August 2014 15:19 UTC

Date: Fri, 22 Aug 2014 11:18:55 -0400
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: "kitten@ietf.org" <kitten@ietf.org>
In-Reply-To: <CAK3OfOjM_hzN7czNcM9TwMjzQx0ZwFTswtHdLf=hPFjyi_7QMQ@mail.gmail.com>
Message-ID: <alpine.GSO.1.10.1408221118220.21571@multics.mit.edu>
References: <x7d7g2r0w58.fsf@equal-rites.mit.edu> <20140804161454.GH3579@localhost> <alpine.GSO.1.10.1408151401490.21571@multics.mit.edu> <1408668228.5360.46.camel@destiny.pc.cs.cmu.edu> <CAK3OfOjM_hzN7czNcM9TwMjzQx0ZwFTswtHdLf=hPFjyi_7QMQ@mail.gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/5SW-UgaaS5nlujOSLZQQLgZh434
Subject: Re: [kitten] Critical authorization data in Kerberos

On Thu, 21 Aug 2014, Nico Williams wrote:

> Sold.  Let's make AD non-critical by default.

I guess we'll need a separate document to make it so, though...

-Ben