Re: [kitten] Options for IAKERB compatibility issue

Greg Hudson <ghudson@MIT.EDU> Tue, 07 May 2013 17:38 UTC

Message-ID: <51893C00.7090808@mit.edu>
Date: Tue, 07 May 2013 13:38:08 -0400
From: Greg Hudson <ghudson@MIT.EDU>
To: Nico Williams <nico@cryptonector.com>
References: <x7d4neg555c.fsf@equal-rites.mit.edu> <CAK3OfOhiXfLmTuLiuCB9c3uk=_o0N9O8TyBRSe8rM7CLss6meQ@mail.gmail.com>
In-Reply-To: <CAK3OfOhiXfLmTuLiuCB9c3uk=_o0N9O8TyBRSe8rM7CLss6meQ@mail.gmail.com>
Cc: kitten@ietf.org
Subject: Re: [kitten] Options for IAKERB compatibility issue

On 05/06/2013 02:56 PM, Nico Williams wrote:
> On Mon, May 6, 2013 at 1:34 PM, Greg Hudson <ghudson@mit.edu> wrote:
>> 5. We can define a new mech OID for the standard.  I don't like this
>>    option because I don't like proliferating krb5 mech OIDs.  It also
>>    means the standard wouldn't interoperate with either OSX's or Apple's
>>    implementation.

> The new mech OID would interop with one of the existing
> implementations

Not under any reasonable definition of "interoperate".  If the standard
uses a different OID from 1.3.6.1.5.2.5, then an implementation of the
standard won't interoperate with an existing MIT krb5 or OSX implementation.

One could potentially use the same or similar code for both OIDs, but
that's not interoperating; that's code sharing.