Re: [kitten] advancing some documents to the IESG

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 31 August 2016 08:59 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEA0212DA53 for <kitten@ietfa.amsl.com>; Wed, 31 Aug 2016 01:59:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.849
X-Spam-Level:
X-Spam-Status: No, score=-4.849 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r5j2na9a0O3w for <kitten@ietfa.amsl.com>; Wed, 31 Aug 2016 01:59:19 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A74E12DA55 for <kitten@ietf.org>; Wed, 31 Aug 2016 01:59:18 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 036B7BE29; Wed, 31 Aug 2016 09:59:16 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lbn3FQ-uj82C; Wed, 31 Aug 2016 09:59:08 +0100 (IST)
Received: from [10.87.48.210] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 968F8BDD0; Wed, 31 Aug 2016 09:59:07 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1472633948; bh=Yt0aOfc7tMvt9ZjOHlbdjh3d0YFCBBOMH5ktQ6aVP7U=; h=Subject:To:References:From:Date:In-Reply-To:From; b=ogBeKFhoHkKJiaHXaohF1q+nFCYX0LCCbKc3IGixtociaWj7Y4UqCYDLfiryq5/jg cV7nEUbmTa6CfFqptmSxv9KaQ3ahZrhGbqH95V6BePPtOCdBf1JkwDD0/Woifx/+6j Tc2DDPg+fnOqt/exA1lPUL8g2s0QKsnJaqKSRLyw=
To: Benjamin Kaduk <kaduk@MIT.EDU>, kitten@ietf.org
References: <20160516161709.16705.29515.idtracker@ietfa.amsl.com> <1463416879.2542.15.camel@redhat.com> <1466709219.20951.3.camel@redhat.com> <alpine.GSO.1.10.1606252344350.18480@multics.mit.edu> <1467033683.2592.2.camel@redhat.com> <alpine.GSO.1.10.1608302133320.5272@multics.mit.edu>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <09863e06-f7ae-d2ec-c30e-7986d39a50b0@cs.tcd.ie>
Date: Wed, 31 Aug 2016 09:59:07 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <alpine.GSO.1.10.1608302133320.5272@multics.mit.edu>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms080807060207070100050107"
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/n_nhpJmGpzZyUtbp84h8rH1LLYE>
Subject: Re: [kitten] advancing some documents to the IESG
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Aug 2016 08:59:22 -0000

Thanks Ben! I look forward to us doing this queue-clearing and
hope the WG find the workflow better.

S.

On 31/08/16 02:51, Benjamin Kaduk wrote:
> (was Re: [kitten] I-D Action: draft-ietf-kitten-krb-auth-indicator-02.txt)
> 
> Looping back to this thread, now that we have the extra reviews from
> Richard and Gerard, the chairs are comfortable advancing it to the IESG; I
> will shepherd.  In accordance with our new workflow, there will not be an
> additional WGLC, but feel free to comment (or object) at any time.
> 
> We also have draft-ietf-kitten-rfc6112bis active, for which Shawn has
> published an updated version (with help from the secretariat).  It needs a
> few more tweaks to the wording and attack description, but the core
> protocol portions look good, so once the revisions are in place, that can
> also move forward to the IESG.  As always, comments are always welcome.
> 
> draft-ietf-kitten-rfc5653bis went through WGLC at the same time as
> rfc6112bis, and also has an updated version as a result of the comments
> from WGLC.  (As a reminder: the main goal is to allow GSSAPI error tokens
> to be generated along with the GSSException that indicates the failure,
> but the review also indicated issues with the stream-based GSSContext
> methods, leading to their removal from the current draft.)  Richard,
> Gerard, and everyone else are encouraged to review that document.
> 
> draft-ietf-kitten-pkinit-freshness is waiting for a shepherd writeup and
> then is expected to advance to the IESG.
> 
> In other PKINIT-related work, the most recent threads the chairs have
> about draft-ietf-kitten-pkinit-alg-agility indicate that it should also be
> ready to advance, but given how long ago they were, some additional
> research is in order to verify that.  More (re-)reviews wouldn't hurt,
> either!
> 
> Please feel free to contact the chairs (or the list) with any questions,
> concerns, or most especially document reviews.
> 
> -Ben
> for the kitten chairs
> 
> 
> 
> On Mon, 27 Jun 2016, Nathaniel McCallum wrote:
> 
>> I'm happy to do so. But, AFAIK, the only review thus far has been
>> yours. There were several other +1's to WG adoption, but no other
>> reviews.
>>
>> On Sat, 2016-06-25 at 23:46 -0400, Benjamin Kaduk wrote:
>>> Yes, it would be good to move this document forward, especially since
>>> it
>>> already has implementation experience.  Would you be interested in
>>> trying
>>> out the proposal to manually track reviews and (mostly) skip WGLC for
>>> this
>>> document?  That thread has not gotten many responses yet...
>>>
>>> -Ben
>>>
>>> On Thu, 23 Jun 2016, Nathaniel McCallum wrote:
>>>
>>>> I propsed this and hear no response. Can we move this draft
>>> forward?
>>>>
>>>> On Mon, 2016-05-16 at 12:41 -0400, Nathaniel McCallum wrote:
>>>>> With this revision, I believe that we are in the home stretch on
>>> this
>>>>> draft. Unless anyone has any objections, I'd like to request that
>>> the
>>>>> chairs begin WGLC.
>>>>>
>>>>> On Mon, 2016-05-16 at 09:17 -0700, internet-drafts@ietf.org wrote
>>> :
>>>>>> A New Internet-Draft is available from the on-line Internet-
>>> Drafts
>>>>>> directories.
>>>>>> This draft is a work item of the Common Authentication
>>> Technology
>>>>>> Next Generation of the IETF.
>>>>>>
>>>>>>         Title           : Authentication Indicator in Kerberos
>>>>>> Tickets
>>>>>>         Authors         : Anupam Jain
>>>>>>                           Nathan Kinder
>>>>>>                           Nathaniel McCallum
>>>>>>    Filename        : draft-ietf-kitten-krb-auth-indicator-02.txt
>>>>>>    Pages           : 5
>>>>>>    Date            : 2016-05-16
>>>>>>
>>>>>> Abstract:
>>>>>>    This document specifies an extension in the Kerberos
>>> protocol
>>>>>>    [RFC4120].  It defines a new authorization data type AD-
>>>>>>    AUTHENTICATION-INDICATOR.  The purpose of introducing this
>>> data
>>>>>> type
>>>>>>    is to include an indicator of the strength of a client's
>>>>>>    authentication in the service tickets so that application
>>>>>> services
>>>>>>    can use it as an input into policy decisions.
>>>>>>
>>>>>>
>>>>>> The IETF datatracker status page for this draft is:
>>>>>> https://datatracker.ietf.org/doc/draft-ietf-kitten-krb-auth-ind
>>> icat
>>>>>> or
>>>>>> /
>>>>>>
>>>>>> There's also a htmlized version available at:
>>>>>> https://tools.ietf.org/html/draft-ietf-kitten-krb-auth-indicato
>>> r-02
>>>>>>
>>>>>> A diff from the previous version is available at:
>>>>>> https://www.ietf.org/rfcdiff?url2=draft-ietf-kitten-krb-auth-in
>>> dica
>>>>>> to
>>>>>> r-02
>>>>>>
>>>>>>
>>>>>> Please note that it may take a couple of minutes from the time
>>> of
>>>>>> submission
>>>>>> until the htmlized version and diff are available at
>>>>>> tools.ietf.org.
>>>>>>
>>>>>> Internet-Drafts are also available by anonymous FTP at:
>>>>>> ftp://ftp.ietf.org/internet-drafts/
>>>>>>
>>>>>> _______________________________________________
>>>>>> Kitten mailing list
>>>>>> Kitten@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/kitten
>>>>>
>>>>> _______________________________________________
>>>>> Kitten mailing list
>>>>> Kitten@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/kitten
>>>>
>>>> _______________________________________________
>>>> Kitten mailing list
>>>> Kitten@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/kitten
>>>>
>>
> 
> 
> 
> _______________________________________________
> Kitten mailing list
> Kitten@ietf.org
> https://www.ietf.org/mailman/listinfo/kitten
>