Re: [sasl] SASL and KITTEN-WG Merger

Nicolas Williams <> Mon, 10 May 2010 14:57 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 27B783A6995; Mon, 10 May 2010 07:57:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.245
X-Spam-Status: No, score=-3.245 tagged_above=-999 required=5 tests=[AWL=0.939, BAYES_40=-0.185, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id vpzvmNEeVCtU; Mon, 10 May 2010 07:57:21 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 253863A6951; Mon, 10 May 2010 07:57:21 -0700 (PDT)
Received: from ( []) by (Switch-3.4.2/Switch-3.4.1) with ESMTP id o4AEv4mS012486 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 10 May 2010 14:57:05 GMT
Received: from ( []) by (Switch-3.4.2/Switch-3.4.1) with ESMTP id o4AEuxAC028383; Mon, 10 May 2010 14:57:02 GMT
Received: from by with ESMTP id 227879541273503417; Mon, 10 May 2010 07:56:57 -0700
Received: from (/ by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 10 May 2010 07:56:56 -0700
Date: Mon, 10 May 2010 09:56:49 -0500
From: Nicolas Williams <>
To: Simon Josefsson <>
Subject: Re: [sasl] SASL and KITTEN-WG Merger
Message-ID: <>
References: <> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.20 (2010-03-02)
X-Auth-Type: Internal IP
X-Source-IP: []
X-CT-RefId: str=0001.0A090208.4BE81EC2.0165:SCFMA4539811,ss=1,fgs=0
Cc:,, Eliot Lear <>
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 10 May 2010 14:57:22 -0000

On Sun, May 09, 2010 at 05:13:33PM +0200, Simon Josefsson wrote:
> Eliot Lear <> writes:
> > I find it hard to have this discussion without understanding what the
> > new charter would be.  Is there a pointer somewhere?  We had
> > discussions relating to our SAML/OpenID SASL drafts being handled by
> > the new group, but I don't know what would be in scope.
> To me, the SAML/OpenID mechanisms are perhaps the most important work
> item for a new working group, so I would be disappointed if it is not
> mentioned in the charter.

I don't care if the work Eliot mentions goes in this WG or a separate
WG as long as the work gets done :)

To start, the proposal to merge these two WGs is fairly straightforward
since merging the two charters presents only one minor conflict and
since both the GSS-API and SASL have been converging to a large degree.
The one minor conflict is that KITTEN was not chartered to work on
mechanisms, but SASL did do work on mechanisms (SCRAM, MD5-DIGEST, ...).
I think that is easy to resolve: let the new WG work on mechanisms in
general, or else list the kinds of mechanisms that the new WG may work
on, or, if we think we don't need any new mechanisms, then don't allow
the new WG to work on any.