IETF Logo Mail Archive

Re: Working Group Last Call: Stackable Generic Security Service

Martin Rex <martin.rex@sap.com> Tue, 07 November 2006 19:30 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GhWeM-0003v9-MB; Tue, 07 Nov 2006 14:30:22 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GhWeL-0003uw-U5 for kitten@ietf.org; Tue, 07 Nov 2006 14:30:22 -0500
Received: from smtpde03.sap-ag.de ([155.56.68.140]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GhWeJ-00028Y-GV for kitten@ietf.org; Tue, 07 Nov 2006 14:30:21 -0500
Received: from sap-ag.de (smtpde03) by smtpde03.sap-ag.de (out) with ESMTP id UAA25784 for <kitten@ietf.org>; Tue, 7 Nov 2006 20:30:17 +0100 (MEZ)
From: Martin Rex <martin.rex@sap.com>
Message-Id: <200611071930.UAA16317@uw1048.wdf.sap.corp>
Orig-To: jaltman@secure-endpoints.com
To: kitten@ietf.org
Date: Fri, 03 Nov 2006 17:48:40 +0100
In-Reply-To: <45367FF9.4090306@secure-endpoints.com> from "Jeffrey Altman" at Oct 18, 6 03:26:49 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
X-Spam-Score: 1.1 (+)
X-Scan-Signature: 244a2fd369eaf00ce6820a760a3de2e8
Cc: Nicolas.Williams@sun.com
Subject: Re: Working Group Last Call: Stackable Generic Security Service
X-BeenThere: kitten@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: martin.rex@sap.com
List-Id: Common Authentication Technologies - Next Generation <kitten.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/kitten>
List-Post: <mailto:kitten@lists.ietf.org>
List-Help: <mailto:kitten-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@lists.ietf.org?subject=subscribe>
Errors-To: kitten-bounces@lists.ietf.org

Jeffrey, Nico,

Jeffrey Altman wrote:
> 
> The Kitten Chair has received a request to submit
> "Stackable Generic Security Service Pseudo-Mechanisms"
> <http://www.ietf.org/internet-drafts/draft-ietf-kitten-stackable-pseudo-mechs-02.txt>
> to the IESG for publication as a Proposed Standard.
> 
> The working group last call will terminate at 00:00 EST 2 November 2006.

I'm sorry, It looks like I missed the last call period.
So I'm sending this to you directly.

Stackable pseudo-mechanisms looks very ambitious to me -- a magnitude
more ambitious than binary plug'n'play with shared libraries.

I can not seriously comment on the document, because I lack the time
to read it carefully and think about it, and I don't have any implementation
or usage experience with this concept.

Two observations:
 - A lot of existing gss-api mechanism do not return a mechanism OID
   from failing (initial) gss_init_sec_context() and gss_accept_sec_context()
   while at the same time they return a mechanism-specific minor_status.
   This may create a difficulty for gss_display_status(minor_status)
   to identify the particular gssapi mechanims that created this
   minor status.

 - The reason for CAT to drop gss_release_oid() and friends from
   the v2 spec was the incompatibilities between different
   heap (m)allocators, and the resulting problem for gss_release_oid()
   to distinguish (originally purely-static) OIDs from dynamic ones
   created by the gssapi mechanism.  On Windows and OS/2, each DLL
   may use its own/seperate instance of a heap (m)allocater, and
   considering the explosion of incompaible MSVCRT.DLLs (VS.NET 2003/2005)
   using the WinSxS scheme, this is actually the norm today for software
   that meets in the field (and is not produced in a single compile).

   So it would be useful to re-iterate in the description of
   gss_release_oid() that all OIDs from the exiting gss-api v2
   functions are static/readonly and must NOT be passed to
   this new optional function.  The current wording
   "by another GSS-API call, specifically ..." sounds ambiguous
   in a dangerous fashion.


I'm not sure who might be the real target audience for the
stackable GSS Mech spec.  IMHO, it's not the portable applications
writer that call gss-api v2.

How would a portable application writer benefit from CCM?  Would it
require a gss-api (multi-)mechanism that used these extensions
to provide the benefit in a gss-api v2 transparent fashion?


-Martin








_______________________________________________
Kitten mailing list
Kitten@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/kitten

v2.23.0 | Report a Bug | By Email