Re: [kitten] Kerberos Preauth Registration for OAuth2 device flow

Pavel Březina <pbrezina@redhat.com> Fri, 26 November 2021 13:01 UTC

To: Greg Hudson <ghudson@mit.edu>, Sam Hartman <hartmans-ietf@mit.edu>, kitten@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/obPhQKgyPgT7ZJDd8mY8SemY72E>

On 11/23/21 07:37, Greg Hudson wrote:
> On 11/22/21 7:24 PM, Sam Hartman wrote:
>> Do you have thoughts on a value?
>> 167?
> 
> 167 is PA-PAC-OPTIONS (MS-KILE 3.1.5.1).  Given Microsoft's history of
> using types without registration, I would avoid anything in the 160-180
> space as a practical matter.
> 
> I haven't heard of any conflicts with SPAKE being 151, so I think 152
> should be safe.  But I would also be fine with picking a somewhat higher
> base for registered but non-IETF-standardized types.

I'm fine with any number, but using higher for non-standard types sounds 
like a reasonable thing to do.