Re: [kitten] Channel binding language changes Re: Status of draft-ietf-kitten-sasl-oauth?

William Mills <wmills@yahoo-inc.com> Fri, 17 August 2012 00:30 UTC

From: William Mills <wmills@yahoo-inc.com>
To: "mrex@sap.com" <mrex@sap.com>, Nico Williams <nico@cryptonector.com>
Cc: "kitten@ietf.org" <kitten@ietf.org>, Simon Josefsson <simon@josefsson.org>

Good to know, but won't affect the OAUTH SASL spec I think.





>________________________________
> From: Martin Rex <mrex@sap.com>
>To: Nico Williams <nico@cryptonector.com> 
>Cc: William Mills <wmills@yahoo-inc.com>; "kitten@ietf.org" <kitten@ietf.org>; Simon Josefsson <simon@josefsson.org> 
>Sent: Thursday, August 16, 2012 5:19 PM
>Subject: Re: [kitten] Channel binding language changes Re: Status of draft-ietf-kitten-sasl-oauth?
> 
>Nico Williams wrote:
>> 
>> It's actually RFC5929 that specifies tls-unique.
>> 
>> > I also struck the concept entirely of hashing the channel binding payload if
>> > it's large.
>> 
>> Yeah, don't do that: you end up having to provide hash agility.  The
>> tls-server-end-point and tls-unique CB types are already fixed-sized
>> and small anyways.
>
>Uh-oh, that latter information is incorrect.
>
>tls-unique is _not_ fixed-size (the way I understand this term).
>
>It's 36 octets for SSLv3, 12 octets for TLSv1.0 & TLSv1.1, and officially
>ciphersuite-dependent for TLSv1.2 (with a default size of 12 octets).
>
>
>-Martin
>
>
>
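
Added example, not part of the original thread and not text from draft-ietf-kitten-sasl-oauth: a server-side channel binding check that treats tls-unique as variable-length, using the sizes quoted above, and compares the raw value without hashing it. The base64(gs2-header || cb-data) encoding follows RFC 5802 (SCRAM); the function names, `MAX_LEN` and the sample header are assumptions made for this sketch.

```python
import base64
import hmac

# tls-unique is the TLS Finished verify_data. Exact sizes in octets for the
# protocol versions where the size is fixed, as quoted in the thread.
EXACT_LEN = {"SSLv3": 36, "TLSv1": 12, "TLSv1.1": 12}
# TLS 1.2: cipher-suite dependent, default 12; RFC 5246 requires at least 12.
TLS12_MIN_LEN = 12
MAX_LEN = 64  # assumed sanity ceiling for this example, not taken from a spec


def cb_length_ok(version: str, cb_data: bytes) -> bool:
    """Sanity-check the tls-unique length against the negotiated version."""
    if version in EXACT_LEN:
        return len(cb_data) == EXACT_LEN[version]
    if version == "TLSv1.2":
        return TLS12_MIN_LEN <= len(cb_data) <= MAX_LEN
    return False  # unknown version: refuse instead of guessing a size


def encode_cbind(gs2_header: bytes, cb_data: bytes) -> str:
    """Client side: base64(gs2-header || cb-data), raw value, no fixed width."""
    return base64.b64encode(gs2_header + cb_data).decode("ascii")


def verify_cbind(received_b64: str, gs2_header: bytes,
                 version: str, local_cb: bytes) -> bool:
    """Server side: compare the client's binding with the server's own view."""
    if not cb_length_ok(version, local_cb):
        return False
    try:
        received = base64.b64decode(received_b64, validate=True)
    except ValueError:  # malformed base64 from the peer
        return False
    # Length-agnostic, constant-time comparison of the full input.
    return hmac.compare_digest(received, gs2_header + local_cb)


# Constructed sample values (not real handshake output).
GS2_HEADER = b"p=tls-unique,,"
CB_SSL3 = bytes(range(36))
CB_TLS12 = bytes(range(100, 112))
```
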