Re: [kitten] WGLC for three "bis" documents: draft-ietf-kitten-rfc4402bis-00, draft-ietf-kitten-rfc5653bis-01, draft-ietf-kitten-rfc6112bis-00

Benjamin Kaduk <kaduk@MIT.EDU> Fri, 06 February 2015 04:19 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD8071A0366 for <kitten@ietfa.amsl.com>; Thu, 5 Feb 2015 20:19:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iWDw7oOgUNwL for <kitten@ietfa.amsl.com>; Thu, 5 Feb 2015 20:19:22 -0800 (PST)
Received: from dmz-mailsec-scanner-3.mit.edu (dmz-mailsec-scanner-3.mit.edu [18.9.25.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D2E961A028A for <kitten@ietf.org>; Thu, 5 Feb 2015 20:19:19 -0800 (PST)
X-AuditID: 1209190e-f799e6d000000cfe-9a-54d440c679d2
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id 99.97.03326.6C044D45; Thu, 5 Feb 2015 23:19:18 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id t164JHwW028278; Thu, 5 Feb 2015 23:19:18 -0500
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t164JEKP007330 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 5 Feb 2015 23:19:16 -0500
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id t164JDUC001355; Thu, 5 Feb 2015 23:19:13 -0500 (EST)
Date: Thu, 5 Feb 2015 23:19:12 -0500 (EST)
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Martin Rex <mrex@sap.com>
In-Reply-To: <20150205235418.3C2BD1B15B@ld9781.wdf.sap.corp>
Message-ID: <alpine.GSO.1.10.1502052318200.3953@multics.mit.edu>
References: <20150205235418.3C2BD1B15B@ld9781.wdf.sap.corp>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpkleLIzCtJLcpLzFFi42IR4hRV1j3mcCXE4MZzJYujm1exWPT+3sFs 8XXpBmYHZo8lS34yeXx8eovFY8rnrYwBzFFcNimpOZllqUX6dglcGU/XbmMrWMBSsfvuScYG xvXMXYwcHBICJhJbLgh0MXICmWISF+6tZwOxhQQWM0nc3xwDYW9glOhfqtjFyAVkH2SSWHN4 GiNEol7iw5Or7CA2i4CWxOfVa8HibAIqEjPfbAQbJCIgKzHt2huwOLNAosSjVdPZQAYJC8xk lOg808wEkuAUsJG4dOY1K4jNK+Ag0X9iBTvEAmuJE/sWgtWICuhIrN4/hQWiRlDi5MwnLBBD tSSWT9/GMoFRcBaS1CwkqQWMTKsYZVNyq3RzEzNzilOTdYuTE/PyUot0jfVyM0v0UlNKNzGC Q1eSbwfj14NKhxgFOBiVeHgTeK+ECLEmlhVX5h5ilORgUhLlFVADCvEl5adUZiQWZ8QXleak Fh9ilOBgVhLhZfh7OUSINyWxsiq1KB8mJc3BoiTOu+kHX4iQQHpiSWp2ampBahFMVoaDQ0mC N9QeaKhgUWp6akVaZk4JQpqJgxNkOA/Q8B0gNbzFBYm5xZnpEPlTjLocC9r3z2QSYsnLz0uV EuetAikSACnKKM2DmwNLOa8YxYHeEubdC1LFA0xXcJNeAS1hAloie/ECyJKSRISUVANjwTFm X5UFujEq1ydyimdcMFe+cnJvSFSThlPms00dMXEtBb5Cj94apkw9XswhU+Ac2r5Y096z7NDs q7yx9r3nFk+YOWOHDJvWQdOOJY13fs76X3InXKfq3xyPe5YbdPSNZ+j38n279Ot7aa2M6DvP 8JnSzuo5DB//XPjxZ1nrDp47E1OXqP5QYinOSDTUYi4qTgQAuHT83xQDAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/uRXhtF7Y4ZIWP_2i0TlaFpY_Hrk>
Cc: kitten@ietf.org
Subject: Re: [kitten] WGLC for three "bis" documents: draft-ietf-kitten-rfc4402bis-00, draft-ietf-kitten-rfc5653bis-01, draft-ietf-kitten-rfc6112bis-00
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2015 04:19:26 -0000

On Thu, 5 Feb 2015, Martin Rex wrote:

>
> GSS-API does *NOT* define a wire protocol, only a wire token format.
> It is *ENTIRELY* up to the application to decide about whether and how
> to embed and send GSS-API tokens .. or not.
>
> It is perfectly OK for an application to discard a context level token
> from a gssapi mechanism that is returned along with a fatal major_status
> from the context iterator call -- *unless* the specific application wire
> protocol explicitly requires a different behaviour[*].

Exactly.

-Ben