Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

Seth Moore <sethmo@microsoft.com> Mon, 21 March 2016 20:20 UTC

From: Seth Moore <sethmo@microsoft.com>
To: Greg Hudson <ghudson@mit.edu>, "kitten@ietf.org" <kitten@ietf.org>
Date: Mon, 21 Mar 2016 20:19:49 +0000

Thanks, Greg.

I think the RFC reference mix-up was due to 6113 discussing retry (Section 2). The actual error is, indeed, defined in 4120 (7.5.9).

Cheers,
Seth

-----Original Message-----
From: Kitten [mailto:kitten-bounces@ietf.org] On Behalf Of Greg Hudson
Sent: Monday, March 21, 2016 10:57 AM
To: kitten@ietf.org
Subject: Re: [kitten] I-D Action: draft-ietf-kitten-pkinit-freshness-04.txt

In section 2.4, I think the cross-reference for KDC_ERR_PREAUTH_FAILED should be RFC 4120; although RFC 6113 elaborates on its use, the initial definition is still in 4120.

Other than that small editorial issue, my two comments to -03 are addressed.
