Re: [kitten] New Version Notification for draft-howard-gss-sanon-01.txt

Luke Howard <lukeh@padl.com> Mon, 06 April 2020 01:28 UTC

From: Luke Howard <lukeh@padl.com>
Message-Id: <E5951DC2-569F-48FB-8458-50D0CC8A4BAC@padl.com>
Date: Mon, 06 Apr 2020 11:28:12 +1000
In-Reply-To: <20200406011026.GG18021@localhost>
Cc: "kitten@ietf.org" <kitten@ietf.org>, Jeffrey Altman <jaltman@auristor.com>, Greg Hudson <ghudson@mit.edu>
To: Nicolas Williams <nico@cryptonector.com>
References: <158604472122.27168.16112727090339772628@ietfa.amsl.com> <B2497A4F-81B3-42F9-AED1-CFECF1D9F7C0@padl.com> <20200405234929.GD18021@localhost> <38ED72E1-3361-4242-9923-C3BE61698BE0@padl.com> <20200406011026.GG18021@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/Y2NSSH2bk3AMapXyiFIDB5FheLM>
Subject: Re: [kitten] New Version Notification for draft-howard-gss-sanon-01.txt
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>

> All I'm saying is that where a GSS implementation doesn't support NegoEx
> there should not be a requirement that NegoEx be used.  Relaxing the
> requirement this way will make it possible for SAnon to progress without
> having to also progress NegoEx.

We can do this, but then we have an interoperability problem (unless we say it’s always negotiable directly under SPNEGO as well as NegoEx if available?).

> I'd change the last item to:
> 
>   The claimant_cred_handle is the default credential and targ_name is
>   an anonymous name.
> 
> There's no need to say "well known anonymous name".

Fixed.

>>   If neither of the above are the case, the call MUST fail with
>>   GSS_S_UNAVAILABLE.
> 
> That's three conditions, s/neither/none/ :)

Hah, got me. Fixed.

— Luke