Re: GSS_Inquire_name()

Nicolas Williams <Nicolas.Williams@sun.com> Tue, 15 September 2009 20:41 UTC

Date: Tue, 15 Sep 2009 15:31:21 -0500
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Luke Howard <lukeh@padl.com>
Subject: Re: GSS_Inquire_name()
Cc: "kitten@ietf.org" <kitten@ietf.org>

On Tue, Sep 15, 2009 at 10:06:47PM +0200, Luke Howard wrote:
> >>Are all names in all or just the one that are not in asserted/
> >>authenticated names?
> >>
> >>Love
> >
> >Do you mean "are there attributes that are neither asserted nor
> >authenticated?"
> 
> As an implementer this left me completely confused too.
> 
> BTW, see:
> 
> 	http://k5wiki.kerberos.org/wiki/Projects/VerifyAuthData
> 
> for actual implementation experience.

I can't quite remember what I had intended :(

I think I must have meant 'all_attrs' to be the union of the other two
purely for convenience.  But on second (or third) thought I can't see why
an app might care for attrs without caring as to whether they are
authenticated or asserted.

(Also, there is the more general problem of what entity authenticated a
given attribute.  But for now I think GSS_Inquire_name() is plenty good
enough, minus the all_attrs argument anyways.)

Nico
--