Re: [kitten] RFC2743 errata 4251

Jeffrey Hutzelman <jhutz@cmu.edu> Thu, 05 March 2015 22:21 UTC

Return-Path: <jhutz@cmu.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6005D1A9025 for <kitten@ietfa.amsl.com>; Thu, 5 Mar 2015 14:21:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y9o81ijLZvgN for <kitten@ietfa.amsl.com>; Thu, 5 Mar 2015 14:21:21 -0800 (PST)
Received: from smtp02.srv.cs.cmu.edu (smtp02.srv.cs.cmu.edu [128.2.217.201]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AABC1A9074 for <kitten@ietf.org>; Thu, 5 Mar 2015 14:21:21 -0800 (PST)
Received-SPF: none (cmu.edu: No applicable sender policy available) receiver=smtp02.srv.cs.cmu.edu; identity=mailfrom; envelope-from="jhutz@cmu.edu"; helo="[128.2.193.239]"; client-ip=128.2.193.239
Received: from [128.2.193.239] (minbar.fac.cs.cmu.edu [128.2.193.239]) (authenticated bits=0) by smtp02.srv.cs.cmu.edu (8.13.6/8.13.6) with ESMTP id t25MLI3J010960 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Thu, 5 Mar 2015 17:21:19 -0500 (EST)
Message-ID: <1425594078.10529.74.camel@MINBAR.FAC.CS.CMU.EDU>
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: Benjamin Kaduk <kaduk@MIT.EDU>
Date: Thu, 05 Mar 2015 17:21:18 -0500
In-Reply-To: <alpine.GSO.1.10.1502251131520.3953@multics.mit.edu>
References: <alpine.GSO.1.10.1411241330400.19231@multics.mit.edu> <20141124185114.GM3200@localhost> <alpine.GSO.1.10.1412091618550.23489@multics.mit.edu> <20141209215519.GI12979@localhost> <alpine.GSO.1.10.1412091856160.23489@multics.mit.edu> <20141210002441.GP12979@localhost> <alpine.GSO.1.10.1412101349030.23489@multics.mit.edu> <548F185E.70701@mit.edu> <5492032F.9050607@mit.edu> <20141217230505.GD9443@localhost> <20141220001633.GD12662@localhost> <1421269970.18482.184.camel@minbar.fac.cs.cmu.edu> <alpine.GSO.1.10.1501201620290.23489@multics.mit.edu> <alpine.GSO.1.10.1501201908540.23489@multics.mit.edu> <alpine.GSO.1.10.1502251131520.3953@multics.mit.edu>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.2.3-0ubuntu6
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0
X-Scanned-By: mimedefang-cmuscs on 128.2.217.201
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/rnmxc8ovyTrOGVDfOX_KMKW8Om0>
Cc: kitten@ietf.org, jhutz@cmu.edu
Subject: Re: [kitten] RFC2743 errata 4251
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2015 22:21:23 -0000

On Wed, 2015-02-25 at 11:40 -0500, Benjamin Kaduk wrote:

>   Section 2.2.4 says:
> 
>      o  GSS_S_FAILURE indicates that the context is recognized, but that
>      the GSS_Process_context_token() operation could not be performed
>      for reasons unspecified at the GSS-API level.
> 
>   It should say:
> 
>      o  GSS_S_FAILURE indicates that the context is recognized, but
>      either the GSS_Process_context_token() operation could not be
>      performed for reasons unspecified at the GSS-API level, or the peer
>      had an error consuming the last context token sent to it.  The latter
>      occurs when the local side became fully established and produced one
>      last token which was sent to the peer, but the peer encountered an
>      error while processing that last context token.  In either case the
>      minor status code provides additional information.
> 
>      In the case of successful processing of error tokens, the minor
>      status code provides information from the input token.  The display
>      string outputs of GSS_Display_status() as applied to such minor
>      status codes should indicate that the error originated on the remote
>      peer, along with the nature of the error.  Note that there is no
>      way to distinguish failures of GSS_Process_context_token() from
>      error token information other than to read the human-readable status
>      display strings.


Sounds good.