Re: [kitten] Some test registrations according to draft-ietf-kitten-gssapi-extensions-iana-08.txt

Shawn M Emery <shawn.emery@oracle.com> Thu, 30 October 2014 05:45 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/mHAImTPBlGi92xBTMbfTkpi_W9c

On 10/26/14 06:57 PM, Benjamin Kaduk wrote:
> On Fri, 17 Oct 2014, Shawn M Emery wrote:
>
>> Could folks please review the example registry that we would like to include
>> in the draft-ietf-kitten-gssapi-extensions-iana draft?
>>
>> Thanks,
>>
>> Shawn.
>> --
>> On 07/24/14 10:47 AM, Alexey Melnikov wrote:
>>> Bindings: C
>>> Registration type: Instance
>>> Object Type: Context-Flag
>>> Symbol Name: GSS_C_DELEG_FLAG
>>> Binding of: deleg_state or deleg_req_flag
>>> Constant Value/Range: 1
>>> Description: On output (if set): Delegated credentials are available
>>>               via the delegated_cred_handle
>>>               parameter of GSS_Accept_sec_context/GSS_Init_sec_context.
> Er, GSS_Init_sec_context does not have a delegated_cred_handle argument.

Yes, this is confusing, but there are trade-offs with using abbreviated 
text and being thorough in description.  Would something like the 
following make this more clear?:

Description: On output (if set): Delegated credentials are available
              via the delegated_cred_handle parameter of GSS_Accept_sec_context

              On input (if set): With the call to GSS_Init_sec_context,
              delegate credentials to the acceptor

Note that I'm not aware of what field length constraints there are for 
registry entries.

>
> Otherwise, these look fine to me.

Thanks for your review.

Shawn.
--
>>>               On input (if set): requests delegation of access rights.
>>> Registration Rules: N/A
>>> Reference: RFC 2744
>>> Expert Reviewer: Kitten WG
>>> Expert Review Notes:
>>> Status: Registered
>>> Obsoleting Reference: N/A
>