Re: [kitten] sasl-oauth "user" as a kvpair or in the gs2 header?

Bill Mills <wmills@yahoo-inc.com> Mon, 03 March 2014 19:43 UTC

To: Sam Hartman <hartmans@mit.edu>
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/MBMN1RwmthBqaI5gA6avi45QsJU
Cc: "kitten@ietf.org" <kitten@ietf.org>

Well that certainly wasn't clear.

The *only* thing we avoid if we keep the GS2 header is duplicating the username in the GS2 header and about 6 extra bytes if there ever is a GS2 binding for OAuth.  Yes it's cleaner if we leave the GS2 header stub in there if GS2 ever gets implemented for it.

Is it a compelling enough reason to break existing implementations?

-bill



--------------------------------
William J. Mills
"Paranoid" MUX Yahoo!

On Monday, March 3, 2014 10:45 AM, Sam Hartman <hartmans@mit.edu> wrote:

When we talked about removing the GS2 support, I assumed we were
maintaining the GS2 header, just dropping the descriptions of the
GSS-API mechanism and reference to GS2.

Speaking as an individual, I'd prefer to maximize alignment with GS2
even if we do not specify as a GSS-API mechanism at this time.
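
Added illustration, not part of either message: a Python sketch of a server-side parser that accepts both layouts under discussion, the username in a GS2 header (`n,a=<user>,`) or as a `user` kvpair, and rejects a message in which the two copies disagree. The Ctrl-A-separated kvpair layout, the `auth` key and the sample messages are assumptions constructed for the example, not quoted from the thread or the draft.

```python
SEP = "\x01"  # Ctrl-A, assumed kvpair separator

# Constructed sample messages (not real tokens or hosts)
GS2_FORM = b"n,a=user@example.com,\x01host=mail.example.com\x01auth=Bearer TOKEN\x01\x01"
KV_FORM = b"user=user@example.com\x01auth=Bearer TOKEN\x01\x01"
MISMATCH = b"n,a=alice@example.com,\x01user=bob@example.com\x01auth=Bearer TOKEN\x01\x01"

def _unescape(name):
    # GS2 saslname escaping (RFC 5801): "=2C" is ",", "=3D" is "="
    return name.replace("=2C", ",").replace("=3D", "=")

def parse_initial_response(msg):
    """Return (identity, carried_in, kvpairs) for either candidate layout."""
    text = msg.decode("utf-8")
    head, sep, rest = text.partition(SEP)
    if not sep:
        raise ValueError("no kvpair separator found")
    gs2_user = None
    if head[:2] in ("n,", "y,", "p="):
        # Layout A: gs2-header = cb-flag "," [ "a=" authzid ] ","
        parts = head.split(",")
        if len(parts) != 3 or parts[2] != "":
            raise ValueError("malformed GS2 header")
        if parts[1]:
            if not parts[1].startswith("a="):
                raise ValueError("unexpected GS2 header field")
            gs2_user = _unescape(parts[1][2:])
        body = rest
    else:
        body = text  # Layout B: no header, the message starts with a kvpair
    if not body.endswith(SEP + SEP):
        raise ValueError("message must end with an empty kvpair")
    kv = {}
    for field in body[:-2].split(SEP):
        key, eq, value = field.partition("=")
        if not eq or not key or key in kv:
            raise ValueError("bad or repeated kvpair: %r" % field)
        kv[key] = value
    if "auth" not in kv:
        raise ValueError("missing auth kvpair")
    kv_user = kv.get("user")
    # If the name travels in both places the copies must agree; silently picking
    # one would let later checks act on a different user than the one parsed.
    if gs2_user is not None and kv_user is not None and gs2_user != kv_user:
        raise ValueError("GS2 authzid and user kvpair disagree")
    if gs2_user is not None:
        return gs2_user, "gs2-header", kv
    return kv_user, ("kvpair" if kv_user is not None else "none"), kv
```
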