[kitten] advancing some documents to the IESG

Benjamin Kaduk <kaduk@MIT.EDU> Wed, 31 August 2016 01:51 UTC

(was Re: [kitten] I-D Action: draft-ietf-kitten-krb-auth-indicator-02.txt)

Looping back to this thread, now that we have the extra reviews from
Richard and Gerard, the chairs are comfortable advancing it to the IESG; I
will shepherd.  In accordance with our new workflow, there will not be an
additional WGLC, but feel free to comment (or object) at any time.

We also have draft-ietf-kitten-rfc6112bis active, for which Shawn has
published an updated version (with help from the secretariat).  It needs a
few more tweaks to the wording and attack description, but the core
protocol portions look good, so once the revisions are in place, that can
also move forward to the IESG.  As always, comments are always welcome.

draft-ietf-kitten-rfc5653bis went through WGLC at the same time as
rfc6112bis, and also has an updated version as a result of the comments
from WGLC.  (As a reminder: the main goal is to allow GSSAPI error tokens
to be generated along with the GSSException that indicates the failure,
but the review also indicated issues with the stream-based GSSContext
methods, leading to their removal from the current draft.)  Richard,
Gerard, and everyone else are encouraged to review that document.

draft-ietf-kitten-pkinit-freshness is waiting for a shepherd writeup and
then is expected to advance to the IESG.

In other PKINIT-related work, the most recent threads the chairs have
about draft-ietf-kitten-pkinit-alg-agility indicate that it should also be
ready to advance, but given how long ago they were, some additional
research is in order to verify that.  More (re-)reviews wouldn't hurt,
either!

Please feel free to contact the chairs (or the list) with any questions,
concerns, or most especially document reviews.

-Ben
for the kitten chairs



On Mon, 27 Jun 2016, Nathaniel McCallum wrote:

> I'm happy to do so. But, AFAIK, the only review thus far has been
> yours. There were several other +1's to WG adoption, but no other
> reviews.
>
> On Sat, 2016-06-25 at 23:46 -0400, Benjamin Kaduk wrote:
> > Yes, it would be good to move this document forward, especially since it
> > already has implementation experience.  Would you be interested in trying
> > out the proposal to manually track reviews and (mostly) skip WGLC for this
> > document?  That thread has not gotten many responses yet...
> >
> > -Ben
> >
> > On Thu, 23 Jun 2016, Nathaniel McCallum wrote:
> >
> > > I proposed this and hear no response. Can we move this draft forward?
> > >
> > > On Mon, 2016-05-16 at 12:41 -0400, Nathaniel McCallum wrote:
> > > > With this revision, I believe that we are in the home stretch on this
> > > > draft. Unless anyone has any objections, I'd like to request that the
> > > > chairs begin WGLC.
> > > >
> > > > On Mon, 2016-05-16 at 09:17 -0700, internet-drafts@ietf.org wrote:
> > > > > A New Internet-Draft is available from the on-line Internet-Drafts
> > > > > directories.
> > > > > This draft is a work item of the Common Authentication Technology
> > > > > Next Generation of the IETF.
> > > > >
> > > > >         Title           : Authentication Indicator in Kerberos Tickets
> > > > >         Authors         : Anupam Jain
> > > > >                           Nathan Kinder
> > > > >                           Nathaniel McCallum
> > > > >         Filename        : draft-ietf-kitten-krb-auth-indicator-02.txt
> > > > >         Pages           : 5
> > > > >         Date            : 2016-05-16
> > > > >
> > > > > Abstract:
> > > > >    This document specifies an extension in the Kerberos protocol
> > > > >    [RFC4120].  It defines a new authorization data type
> > > > >    AD-AUTHENTICATION-INDICATOR.  The purpose of introducing this data
> > > > >    type is to include an indicator of the strength of a client's
> > > > >    authentication in the service tickets so that application services
> > > > >    can use it as an input into policy decisions.
> > > > >
> > > > >
> > > > > The IETF datatracker status page for this draft is:
> > > > > https://datatracker.ietf.org/doc/draft-ietf-kitten-krb-auth-indicator/
> > > > >
> > > > > There's also a htmlized version available at:
> > > > > https://tools.ietf.org/html/draft-ietf-kitten-krb-auth-indicator-02
> > > > >
> > > > > A diff from the previous version is available at:
> > > > > https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-krb-auth-indicator-02
> > > > >
> > > > >
> > > > > Please note that it may take a couple of minutes from the time of
> > > > > submission until the htmlized version and diff are available at
> > > > > tools.ietf.org.
> > > > >
> > > > > Internet-Drafts are also available by anonymous FTP at:
> > > > > ftp://ftp.ietf.org/internet-drafts/
> > > > >
> > > > > _______________________________________________
> > > > > Kitten mailing list
> > > > > Kitten@ietf.org
> > > > > https://www.ietf.org/mailman/listinfo/kitten
>