[kitten] proposed RFC 6680 erratum for GSS_Getname_attribute() network interaction

Benjamin Kaduk <kaduk@MIT.EDU> Fri, 17 April 2015 17:56 UTC

Date: Fri, 17 Apr 2015 13:56:26 -0400 (EDT)
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Nico Williams <nico@cryptonector.com>
Message-ID: <alpine.GSO.1.10.1504171339540.22210@multics.mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/_mALIium5Olc2O__TEJ8HtbGJGc>
Cc: kitten@ietf.org
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>

It was unclear if there was actually support for an erratum for this, so
let me throw out some text and see what response it gets.

In section 7.5.  GSS_Get_name_attribute()

   This function outputs the value(s) associated with a given GSS name
   object for a given name attribute.

   This function outputs the value(s) associated with a given GSS name
   object for a given name attribute.  It is permitted to block pending
   network interactions when the attr input is not an attribute which
   would be included in the attrs output of a call to GSS_Inquire_name()
   on the same name input.

   RFC 6680 makes no mention of blocking or not blocking on network
   interaction, though RFC 2743 does.  This seems like the most reasonable
   interpretation of what is currently in RFC 6680.  Calls which are not
   explicitly permitted to block are assumed to be not permitted to block.