Re: [Ietf-krb-wg] Updated PAC draft -- FW: I-D Action: draft-sorce-krbwg-general-pac-02.txt

Thomas Hardjono <hardjono@MIT.EDU> Tue, 07 June 2011 01:41 UTC

From: Thomas Hardjono <hardjono@MIT.EDU>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Mon, 06 Jun 2011 21:41:32 -0400
Cc: "krb-wg mailing list (ietf-krb-wg@lists.anl.gov)" <ietf-krb-wg@lists.anl.gov>

Thanks Stephen -- we will take a look at the SESAME draft.

What we are trying to do is create a generalized structure to carry some
authorization information in Kerberos.

Ideally our PAD structure should be close to (i.e., has common fields with) the
Privileged Attribute Certificate (PAC) structure,
which is defined in the [MS-PAC] document published by Microsoft.

http://msdn.microsoft.com/en-us/library/cc237917(v=PROT.10).aspx

This is important for systems that want to interoperate with the
Microsoft Active Directory (AD) system.

Thanks again.

cheers,

/thomas/


________________________________________
From: Stephen Farrell [stephen.farrell@cs.tcd.ie]
Sent: Monday, June 06, 2011 8:37 PM
To: Thomas Hardjono
Cc: krb-wg mailing list (ietf-krb-wg@lists.anl.gov)
Subject: Re: [Ietf-krb-wg] Updated PAC draft -- FW: I-D Action: draft-sorce-krbwg-general-pac-02.txt

Hi Thomas,

So since I've only subscribed to this list fairly
recently I guess I missed the earlier versions of
this. Only thing I'd say is that it's nice that
what comes around goes around:-) [1]

Seriously though, there could be something useful
to cut'n'paste from there, so it might be worth a
look even if quite outdated.

Cheers,
S.

PS: In case anyone's confused, this is nothing
to do with being an AD. (I *hate* having to say
that, it's just a PITA.)

[1] http://tools.ietf.org/html/draft-ietf-cat-sesamemech-01

On 07/06/11 01:05, Thomas Hardjono wrote:
> FYI.
>
> -----Original Message-----
> From: i-d-announce-bounces@ietf.org [mailto:i-d-announce-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org
> Sent: Monday, June 06, 2011 8:03 PM
> To: i-d-announce@ietf.org
> Subject: I-D Action: draft-sorce-krbwg-general-pac-02.txt
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>
>       Title           : A Generalized PAC for Kerberos V5
>       Author(s)       : Simo Sorce
>                           Tom Yu
>                           Thomas Hardjono
>       Filename        : draft-sorce-krbwg-general-pac-02.txt
>       Pages           : 15
>       Date            : 2011-06-06
>
>    This draft proposes a generalized authorization structure for the
>    Kerberos V5 protocol.  Such an authorization structure would allow
>    for greater interoperability among directory services and other
>    related Kerberos services across differing realms.
>
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-sorce-krbwg-general-pac-02.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> This Internet-Draft can be retrieved at:
> ftp://ftp.ietf.org/internet-drafts/draft-sorce-krbwg-general-pac-02.txt