Re: [kitten] Updating IANA krb5 GSSAPI token type registry
Jeffrey Hutzelman <jhutz@cmu.edu> Wed, 05 March 2014 14:59 UTC
Return-Path: <jhutz@cmu.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 175E21A0713 for <kitten@ietfa.amsl.com>; Wed, 5 Mar 2014 06:59:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.447
X-Spam-Level:
X-Spam-Status: No, score=-2.447 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uqyqQ-84uJFs for <kitten@ietfa.amsl.com>; Wed, 5 Mar 2014 06:59:23 -0800 (PST)
Received: from smtp01.srv.cs.cmu.edu (smtp01.srv.cs.cmu.edu [128.2.217.200]) by ietfa.amsl.com (Postfix) with ESMTP id CB44C1A0527 for <kitten@ietf.org>; Wed, 5 Mar 2014 06:59:22 -0800 (PST)
Received: from [192.168.202.157] (pool-108-39-221-65.pitbpa.fios.verizon.net [108.39.221.65]) (authenticated bits=0) by smtp01.srv.cs.cmu.edu (8.13.6/8.13.6) with ESMTP id s25ExGCd003717 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 5 Mar 2014 09:59:17 -0500 (EST)
Message-ID: <1394031556.4290.53.camel@destiny.pc.cs.cmu.edu>
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: Sam Hartman <hartmans-ietf@mit.edu>
Date: Wed, 05 Mar 2014 09:59:16 -0500
In-Reply-To: <tslzjl4ohbn.fsf@mit.edu>
References: <20130806223553.CD3401A8EC@ld9781.wdf.sap.corp> <29F4D66E-3E8F-4033-8779-8EA158C1B72A@padl.com> <alpine.GSO.1.10.1308062018070.24720@multics.mit.edu> <alpine.GSO.1.10.1309041148130.16692@multics.mit.edu> <alpine.GSO.1.10.1403041135510.1213@multics.mit.edu> <tslzjl4ohbn.fsf@mit.edu>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.8.4-0ubuntu1
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Scanned-By: mimedefang-cmuscs on 128.2.217.200
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/et5MINB24z8IbJlEVB9sm9BZ0I8
Cc: kitten@ietf.org, jhutz@cmu.edu
Subject: Re: [kitten] Updating IANA krb5 GSSAPI token type registry
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Mar 2014 14:59:26 -0000
On Wed, 2014-03-05 at 09:23 -0500, Sam Hartman wrote: > >>>>> "Benjamin" == Benjamin Kaduk <kaduk@MIT.EDU> writes: > > > Benjamin> To me, this seems like a(nother) bug in RFC 7055, but of > Benjamin> course it is not one that can be reasonably fixed. I > Benjamin> guess that the easiest way forward is to publish a quick > Benjamin> document that reserves 0405 and 0501 noting that they were > Benjamin> in use before the registry was established. > > I do not support reserving the iakerb value in another document. > The right solution there is to finish iakerb and get it published. Agreed. For better or worse, our process generally allocates values on publication, not when a spec first appears that needs one. The right way to avoid conflicts here is for the iakerb document to say "TBA" until a value is assigned by IANA, and to mention this in its IANA considerations section. > my preference is that the CFX context deletion token not be registered. > I don't see any protocol issues that are likely to result if that code > point were re-used. > If the community disagrees, writing a document is the right way forward. I think that depends on how mechanisms might get stacked and whether there is deployed code that emits or reacts to that code point. In general, tokens used only during context establishment almost don't need to be in a common namespace at all, except that it makes it less complicated to update things when one mech builds on the context establishment of another. However, tokens which can appear after context establishment require a little more care (but are also less likely to appear or change outside of 4121 or its successors). In this particular case, I don't feel like I'm in a position to develop an opinion on whether the code points needs to be reserved, because I don't know what the existing implementation does with it. Here, we're talking about a code point used in a document which was in progress and then abandoned or superseded before the registry was created; thus, it never appeared in any published protocol specification. If we're concerned that use of such a code point might cause interop problems, then having marked it as reserved in the initial registry would have been a fine thing to do, and there is ample precedent for that. If it didn't, and we consider that an oversight, then it seems to me that publication of a new IETF-reviewed RFC is a rather heavyweight process to correct the oversight. -- Jeff
- [kitten] I-D Action: draft-ietf-kitten-iakerb-00.… internet-drafts
- Re: [kitten] I-D Action: draft-ietf-kitten-iakerb… Benjamin Kaduk
- [kitten] Updating IANA krb5 GSSAPI token type reg… Benjamin Kaduk
- Re: [kitten] I-D Action: draft-ietf-kitten-iakerb… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Tom Yu
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Martin Rex
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Luke Howard
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Martin Rex
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Luke Howard
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Simo Sorce
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Jeffrey Hutzelman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Martin Rex
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Simo Sorce
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Sam Hartman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Jeffrey Hutzelman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Shawn M Emery
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Sam Hartman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Benjamin Kaduk
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Jeffrey Hutzelman
- Re: [kitten] Updating IANA krb5 GSSAPI token type… Sam Hartman