IETF Logo Mail Archive

Re: [kitten] I-D Action: draft-ietf-krb-wg-cammac-07.txt

Benjamin Kaduk <kaduk@MIT.EDU> Fri, 30 May 2014 21:11 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C746C1A0A6E for <kitten@ietfa.amsl.com>; Fri, 30 May 2014 14:11:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.252
X-Spam-Level:
X-Spam-Status: No, score=-3.252 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GQ73oc7wjJZn for <kitten@ietfa.amsl.com>; Fri, 30 May 2014 14:11:42 -0700 (PDT)
Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DAE231A0545 for <kitten@ietf.org>; Fri, 30 May 2014 14:11:40 -0700 (PDT)
X-AuditID: 1209190f-f790b6d000000c38-c3-5388f407583b
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id 64.C7.03128.704F8835; Fri, 30 May 2014 17:11:35 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id s4ULBYgn009787; Fri, 30 May 2014 17:11:35 -0400
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s4ULBWin022753 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 30 May 2014 17:11:34 -0400
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id s4ULBW1u028259; Fri, 30 May 2014 17:11:32 -0400 (EDT)
Date: Fri, 30 May 2014 17:11:32 -0400
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Tom Yu <tlyu@MIT.EDU>
In-Reply-To: <ldvbnusb375.fsf@sarnath.mit.edu>
Message-ID: <alpine.GSO.1.10.1405301655240.25244@multics.mit.edu>
References: <20140508184930.30482.94798.idtracker@ietfa.amsl.com> <ldvbnusb375.fsf@sarnath.mit.edu>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrEIsWRmVeSWpSXmKPExsUixCmqrcv+pSPY4HKXnsXRzatYHBg9liz5 yRTAGMVlk5Kak1mWWqRvl8CV8WDiFLaCz2wV0/ousjUwbmPtYuTkkBAwkfj8p48JwhaTuHBv PVsXIxeHkMBsJokpk1cwgySEBDYySryYVwWROMQkcalzHVSigVHizmEvEJtFQFti2dzZ7CA2 m4CKxMw3G9lAbBEBSYljT86D1TMLCEusPzcDzBYWcJSYdG0rWD2ngJ7EhJ2fwS7iBYovmNLG AjE/WWLSjs1gc0QFdCRW75/CAlEjKHFy5hMWiJmWEv/W/mKdwCg4C0lqFpLUAkamVYyyKblV urmJmTnFqcm6xcmJeXmpRbomermZJXqpKaWbGMFBKcm/g/HbQaVDjAIcjEo8vA4zOoKFWBPL iitzDzFKcjApifJ6vAAK8SXlp1RmJBZnxBeV5qQWH2KU4GBWEuF9fgQox5uSWFmVWpQPk5Lm YFES531rbRUsJJCeWJKanZpakFoEk5Xh4FCS4OX4DNQoWJSanlqRlplTgpBm4uAEGc4DNFwb pIa3uCAxtzgzHSJ/ilFRSpxX5RNQQgAkkVGaB9cLSxqvGMWBXhHmtQdp5wEmHLjuV0CDmYAG P+lsBRlckoiQkmpgjC+fEdx1cfmpKo/Qhr+GR62ivn1O23TJ8oLTraQu3sI9jc71K3xi0tYr dEw5P+9P0hnnc0tzTv2f67HT0IP17VnRFbumRs39bNevbf3Yvu7YQqsUHq4t6iusC02lL5vf PT/f6GVHayefhbLW2hQDPsu6DBP1Ge/7IvLtRJwcd521d6k8J8ajxFKckWioxVxUnAgARNc/ nfUCAAA=
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/aX7UMrA00z-GwTGT9MKIQthGkCM
Cc: kitten@ietf.org
Subject: Re: [kitten] I-D Action: draft-ietf-krb-wg-cammac-07.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 May 2014 21:11:49 -0000

On Tue, 20 May 2014, Tom Yu wrote:

> I think this is ready for Working Group Last Call if we strike out the
> open questions.

I am essentially in agreement.

The key usage for the other-verifiers checksums is left as TBD, with no 
IANA request to assign a usage.  (The key usage for the kdc-verifier and 
svc-verifier seem to not be specified, as well?!)

> One possible open question is whether to define some verifier that is
> like the kdc-verifier but not bound to the ticket.  This would allow for
> detached CAMMAC verification without needing a copy of the ticket.  I'm
> inclined to defer this until there's a use case for it, because it can
> probably be put in other-verifiers, and might not even require
> additional specification.

I agree that it could probably be put in other-verifiers if needed, and 
need not be specified at this time.

-Ben

v2.30.2 | Report a Bug | By Email | System Status