Re: [kitten] BrowserID mutual auth
Peter Saint-Andre <stpeter@stpeter.im> Fri, 26 April 2013 01:23 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB49521F92C0 for <kitten@ietfa.amsl.com>; Thu, 25 Apr 2013 18:23:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rb-0ybsSnNik for <kitten@ietfa.amsl.com>; Thu, 25 Apr 2013 18:23:57 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 9D44D21F8FEB for <kitten@ietf.org>; Thu, 25 Apr 2013 18:23:57 -0700 (PDT)
Received: from ergon.local (unknown [71.237.13.154]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 0DC514004E; Thu, 25 Apr 2013 19:34:54 -0600 (MDT)
Message-ID: <5179D72F.1070209@stpeter.im>
Date: Thu, 25 Apr 2013 19:23:59 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: Luke Howard <lukeh@padl.com>
References: <20130415154204.679F31A6AF@ld9781.wdf.sap.corp> <1BF2FA2B-C54F-4C78-AD7E-52A409F234B0@padl.com> <32A1B85C-CB2B-4E9E-BC71-597E70199D01@padl.com> <CAK3OfOhbJ6aKiCBotw9sxMUvdc17m=rMh+-VAcv_kL-mf6JtNg@mail.gmail.com> <17ADC929-0EAD-482D-AA4B-9F6B3E639871@padl.com> <tslwqrqfinl.fsf@mit.edu> <BDB39F5F-8C51-4E79-B6C0-EC4F1D8276F8@padl.com> <tslsj2eff6w.fsf@mit.edu> <29793AD7-8E18-4087-906C-4047CEFD1C66@padl.com>
In-Reply-To: <29793AD7-8E18-4087-906C-4047CEFD1C66@padl.com>
X-Enigmail-Version: 1.5.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "kitten@ietf.org" <kitten@ietf.org>, Nico Williams <Nico103@gmail.com>, Sam Hartman <hartmans-ietf@mit.edu>
Subject: Re: [kitten] BrowserID mutual auth
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Apr 2013 01:23:59 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 4/25/13 4:02 PM, Luke Howard wrote: > > On 25/04/2013, at 10:55 PM, Sam Hartman <hartmans-ietf@mit.edu> > wrote: > >> Yes. I'm fairly sure CAs will issue neither. >> >> I'm definitely in favor of SRV SAN over a URN for GSS service >> names. I thought you were talking about URI sans like >> xmpp://painless-security.com > > No, that would introduce another set of mapping problems. URIs in > GSS BrowserID look like urn:x-gss:spn where spn is a Kerberos-like > service name. For example, urn:x-gss:xmpp/painless-security.com. > > Hopefully we can get a non-experimental URN assigned when we > progress the draft (tips, anyone?) Hi Luke, I'm happy to help with that. It's really quite straightforward. See RFC 3406 and draft-ietf-urnbis-rfc3406bis-urn-ns-reg-05. Peter P.S. Oh, and if I have my way, experimental URN namespaces will be going away... :-) http://tools.ietf.org/html/draft-ietf-urnbis-rfc3406bis-urn-ns-reg-05#section-5 -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRedcvAAoJEOoGpJErxa2p7EQQAKUMfLHVd9YOjO6HEPijUkeR Bz+Kx5aMk2+wJLaf/kBP99olKshLUllXijRbFL8YRfkzdBpXie6eK49RB4Nw1zHe 9Ttz/ISbEaekzWwL9bO21RUhDwHVS7aEV0PqtUL8zAOzYaNyvOlwv0kBVlZ8iMBD 7t1txgnavZl5wcHUV0j/9oP+0dL0NcM4UYXk6rM5ipMIbTJD9g3y75VpLagm2iyq 1PsAZrmRmNJvI68CddHzEJvV9nBUskYPQJB4FHVFz439qExUrtC30Ax4++PPaIK9 gb2V3DEEh1ucrL9SFT7YlnBYYoy2H+dcCGyssLTTAiyrUxQoMR5/C977STRMEwU2 VWSas3imEFcLezWy1NQ7gC7ZsW98sRu4VnLYMaxgMABNb+iagBYOghYKL4MCC1Vz 51qQxYLztMu8vu1OgVNdpERGRjUbyBnP3Lwu0R85dnV9aEOBXhEzpVJ0GFEIwBW3 tjxVbE+B8gW7rCzg6lgzu6GwtrUTuFp5WsIlBoejJ/oF4zC/t2SXDh0g7iuLhGbh n59NGQND4suqBgFylgic1NPJ/GCaD+XkNZ+IN20EP3p8UXCiG4ZfmS5C4M3tdOYX hG13DKY3D2AbylBfeinRtIk/tJxaWYzb3kKPVio/IdefiafrR51PMTNAWCVZLLtC EK78+YtcPocYeD6jdbKu =St9Q -----END PGP SIGNATURE-----
- Re: [kitten] BrowserID mutual auth Martin Rex
- [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Martin Rex
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Larry Zhu
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Jim Schaad
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Peter Saint-Andre
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Jeffrey Hutzelman
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Sam Hartman
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Sam Hartman
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Sam Hartman
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Nico Williams
- Re: [kitten] BrowserID mutual auth Peter Saint-Andre
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Peter Saint-Andre
- Re: [kitten] BrowserID mutual auth Martin Rex
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard
- Re: [kitten] BrowserID mutual auth Luke Howard