Re: [Ietf-krb-wg] Rechartering
Thomas Hardjono <hardjono@MIT.EDU> Wed, 16 March 2011 14:56 UTC
Return-Path: <ietf-krb-wg-bounces@lists.anl.gov>
X-Original-To: ietfarch-krb-wg-archive@core3.amsl.com
Delivered-To: ietfarch-krb-wg-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3140F3A695C for <ietfarch-krb-wg-archive@core3.amsl.com>; Wed, 16 Mar 2011 07:56:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c80WH1cYypnE for <ietfarch-krb-wg-archive@core3.amsl.com>; Wed, 16 Mar 2011 07:56:29 -0700 (PDT)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by core3.amsl.com (Postfix) with ESMTP id 753B33A6954 for <krb-wg-archive@lists.ietf.org>; Wed, 16 Mar 2011 07:56:29 -0700 (PDT)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by localhost.anl.gov (Postfix) with ESMTP id 060D062; Wed, 16 Mar 2011 09:57:56 -0500 (CDT)
Received: from lists.anl.gov (katydid.it.anl.gov [146.137.96.32]) by mailhost.anl.gov (Postfix) with ESMTP id AC1C352; Wed, 16 Mar 2011 09:57:53 -0500 (CDT)
Received: from katydid.it.anl.gov (localhost [127.0.0.1]) by lists.anl.gov (Postfix) with ESMTP id 8FF892CC0CB; Wed, 16 Mar 2011 09:57:53 -0500 (CDT)
X-Original-To: ietf-krb-wg@lists.anl.gov
Delivered-To: ietf-krb-wg@lists.anl.gov
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by lists.anl.gov (Postfix) with ESMTP id 0C06080E7D for <ietf-krb-wg@lists.anl.gov>; Wed, 16 Mar 2011 09:57:52 -0500 (CDT)
Received: by mailhost.anl.gov (Postfix) id 053942B; Wed, 16 Mar 2011 09:57:52 -0500 (CDT)
Delivered-To: ietf-krb-wg@anl.gov
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by localhost.anl.gov (Postfix) with ESMTP id F19FF58 for <ietf-krb-wg@anl.gov>; Wed, 16 Mar 2011 09:57:51 -0500 (CDT)
Received: from mailrelay.anl.gov (mailrelay.anl.gov [130.202.101.22]) by mailhost.anl.gov (Postfix) with ESMTP id E7DE22B for <ietf-krb-wg@anl.gov>; Wed, 16 Mar 2011 09:57:51 -0500 (CDT)
Received: from localhost (localhost [127.0.0.1]) by localhost.it.anl.gov (Postfix) with ESMTP id C7E377CC076; Wed, 16 Mar 2011 09:57:51 -0500 (CDT)
Received: from mailrelay.anl.gov ([127.0.0.1]) by localhost (mailrelay.anl.gov [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16807-07; Wed, 16 Mar 2011 09:57:51 -0500 (CDT)
Received: from mailgateway.anl.gov (mailgateway.anl.gov [130.202.101.28]) by mailrelay.anl.gov (Postfix) with ESMTP id 9E2707CC05D for <ietf-krb-wg@anl.gov>; Wed, 16 Mar 2011 09:57:51 -0500 (CDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Aj0AANZsgE0SB0QlnGdsb2JhbACYU403FAEBAQEBCAsJCRQluFCIa4J8H4JIBItBgR2DUw
X-IronPort-AV: E=Sophos; i="4.63,194,1299477600"; d="p7s'?scan'208"; a="57070272"
Received: from dmz-mailsec-scanner-8.mit.edu ([18.7.68.37]) by mailgateway.anl.gov with ESMTP; 16 Mar 2011 09:57:51 -0500
X-AuditID: 12074425-b7c98ae000000a04-40-4d80cfee32fc
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) by dmz-mailsec-scanner-8.mit.edu (Symantec Brightmail Gateway) with SMTP id 47.58.02564.EEFC08D4; Wed, 16 Mar 2011 10:57:50 -0400 (EDT)
Received: from outgoing-exchange-1.mit.edu (OUTGOING-EXCHANGE-1.MIT.EDU [18.9.28.15]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id p2GEvonq001404; Wed, 16 Mar 2011 10:57:50 -0400
Received: from w92exedge3.EXCHANGE.MIT.EDU (W92EXEDGE3.EXCHANGE.MIT.EDU [18.7.73.15]) by outgoing-exchange-1.mit.edu (8.13.8/8.12.4) with ESMTP id p2GEvntB018410; Wed, 16 Mar 2011 10:57:50 -0400
Received: from w92exhub10.exchange.mit.edu (18.7.73.18) by w92exedge3.exchange.mit.edu (18.7.73.15) with Microsoft SMTP Server (TLS) id 8.2.254.0; Wed, 16 Mar 2011 10:57:29 -0400
Received: from EXPO10.exchange.mit.edu ([18.9.4.15]) by w92exhub10.exchange.mit.edu ([18.7.73.18]) with mapi; Wed, 16 Mar 2011 10:57:49 -0400
From: Thomas Hardjono <hardjono@MIT.EDU>
To: "ietf-krb-wg@anl.gov" <ietf-krb-wg@anl.gov>
Date: Wed, 16 Mar 2011 10:57:46 -0400
Thread-Topic: [Ietf-krb-wg] Rechartering
Thread-Index: AQMonr3X2mToe0n11geaJ4a6zWOsvZF2knVQ
Message-ID: <DADD7EAD88AB484D8CCC328D40214CCD07F4FB2806@EXPO10.exchange.mit.edu>
References: <1300249954.22824.73.camel@destiny>
In-Reply-To: <1300249954.22824.73.camel@destiny>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAReeXZw=
X-Virus-Scanned: Debian amavisd-new at frigga.it.anl.gov
Cc: "tim.polk@nist.gov" <tim.polk@nist.gov>
Subject: Re: [Ietf-krb-wg] Rechartering
X-BeenThere: ietf-krb-wg@lists.anl.gov
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "This is a list for the IETF Kerberos Working Group. {WORLDPUB, EXTERNAL}" <ietf-krb-wg.lists.anl.gov>
List-Unsubscribe: <https://lists.anl.gov/mailman/options/ietf-krb-wg>, <mailto:ietf-krb-wg-request@lists.anl.gov?subject=unsubscribe>
List-Archive: <https://lists.anl.gov/pipermail/ietf-krb-wg>
List-Post: <mailto:ietf-krb-wg@lists.anl.gov>
List-Help: <mailto:ietf-krb-wg-request@lists.anl.gov?subject=help>
List-Subscribe: <https://lists.anl.gov/mailman/listinfo/ietf-krb-wg>, <mailto:ietf-krb-wg-request@lists.anl.gov?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============2162997540979682560=="
Errors-To: ietf-krb-wg-bounces@lists.anl.gov
Sender: ietf-krb-wg-bounces@lists.anl.gov
Jeff, Larry, Tim, I think the WG charter also needs to have language that express the openness of the WG to the addition of well-defined new items (that are not currently listed in the charter). It also need to define the process to add such new items (beyond waiting for a recharter every several years). Otherwise we may have the situation where there are X number of items progressing at glacial speed (because of one reason or another) and the WG not accepting new items because these X items are stuck. Such a situation would not encourage newcomers with new ideas to the WG. ps. The draft looks good - I'll send other comments separately. Thanks. /thomas/ ______________________________ > -----Original Message----- > From: ietf-krb-wg-bounces@lists.anl.gov [mailto:ietf-krb-wg- > bounces@lists.anl.gov] On Behalf Of Jeffrey Hutzelman > Sent: Wednesday, March 16, 2011 12:33 AM > To: ietf-krb-wg@anl.gov > Cc: jhutz@cmu.edu > Subject: [Ietf-krb-wg] Rechartering > > OK, folks. Below is draft 00 of a proposed charter update for the > Kerberos working group. I think this covers nearly all of the > proposals I'm aware of, with the exception of KX509, which is missing > from this draft only because I'm tired and haven't figured out how to > write it up. > > A couple of notes... > > - This covers only the "Description of Working Group" part of the > charter, which should be the only part needing group discussion. > Milestones will be by agreement between the chairs, authors, and AD, > and the rest is formulaic. > > - I believe we work most effectively with a set of reasonable focused > tasks, rather than a broad unrestricted mandate. Therefore, the > work items in this proposal tend to be fairly focused. The major > exception is enctype work, because it has been clearly demonstrated > that we need the flexibility to adopt or review work in this area > as needed and on an ongoing basis. > > - Generally, I believe working groups should be chartered to solve > specific problems, rather than to work on specific documents. I > also believe that charters should usually leave the working group > free to choose the most appropriate solution or to develop more than > one solution when circumstances warrant. Therefore, the work items > in this proposal tend to focus on a problem without mandating any > particular solution, and except for the "Complete existing work" > item, do not name specific documents. > > - Formally, charter updates do not require working group consensus; > rather, they are a matter for the IESG and the responsible AD. > However, in practice, a charter which is supported by a consensus > of the working group is likely to be adopted with little difficulty, > especially if there is demonstrated support in the form of volunteers > willing to contribute to, edit, and review documents. Therefore, I > intend to send this on only when I believe that such a consensus and > support exists. > > Please send any comments to me and/or to the list. > > -- Jeff > > Description of Working Group: > > Kerberos over the years has been ported to virtually every operating > system. There are at least two open source versions, with numerous > commercial versions based on these and other proprietary > implementations. > Kerberos evolution has continued in recent years, with the development > of new crypto and preauthentication frameworks, support for initial > authentication using public keys, improved support for protecting > clients' long-term keys during initial authentication, support for > anonymous and partially-anonymous authentication, and numerous > extensions developed in and out of the IETF. > > However, wider deployment and advances in technology bring with them > both new challenges and new opportunities, such as exploring support > for new mechanisms for initial authentication, new cryptographic > technologies, and better integration of Kerberos with other systems for > authentication, authorization, and identity management. > In addition, several key features remain undefined. > > The Kerberos Working Group will continue to improve the core Kerberos > specification, develop extensions to address new needs and technologies > related to the areas described above, and produce specifications for > missing functionality. > > > Specifically, the Working Group will: > > * Complete existing work, including: > - DHCP Option (draft-sakane-dhc-dhcpv6-kdc-option- > 09.txt) > - KDC Data Model (draft-ietf-krb-wg-kdc-model-08.txt) > - One-Time Passwords (draft-ietf-krb-wg-otp-preauth-13.txt) > - IAKERB (draft-ietf-krb-wg-iakerb-02.txt) > - Single-DES Deprecation (draft-lha-des-die-die-die-05.txt) > > - Hash agility for GSS-KRB5 (draft-ietf-krb-wg-gss-cb-hash-agility- > 05.txt) > - Hash agility for PKINIT (draft-ietf-krb-wg-pkinit-alg-agility- > 04.txt) > - Referrals (draft-ietf-krb-wg-kerberos-referrals- > 11.txt) > - Set/Change Password (draft-ietf-krb-wg-kerberos-set-passwd- > 06.txt) > > * Prepare and advance one or more standards-track specifications which > update the Kerberos version 5 protocol in a backward-compatible way > to support non-ASCII principal and realm names, salt strings, and > passwords, and localized error reporting. > > * Prepare and advance one or more standards-track specifications which > update the Kerberos version 5 protocol in a backward-compatible way > to enable future protocol revisions and extensions. > > * Prepare, review, and advance standards-track and informational > specifications defining use of new cryptographic algorithms in the > Kerberos protocol, on an ongoing basis. > > * Prepare and advance one or more standards-track specifications > defining a generalized Principal Authorization Data (PAD) structure > for conveying authorization-related information. > > * Prepare and advance one or more standards-track specifications > which define mechanisms for establishing keys and configuration > information used during authentication between Kerberos realms. > > * Prepare and advance a standards-track specification defining a > format for the transport of Kerberos credentials within other > protocols. > > * Produce an LDAP schema for management of the KDC's database. > > > _______________________________________________ > ietf-krb-wg mailing list > ietf-krb-wg@lists.anl.gov > https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
_______________________________________________ ietf-krb-wg mailing list ietf-krb-wg@lists.anl.gov https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
- [Ietf-krb-wg] Rechartering Jeffrey Hutzelman
- Re: [Ietf-krb-wg] Rechartering Thomas Hardjono
- Re: [Ietf-krb-wg] Rechartering Sam Hartman
- Re: [Ietf-krb-wg] Rechartering Jeffrey Hutzelman
- Re: [Ietf-krb-wg] Rechartering Sam Hartman
- Re: [Ietf-krb-wg] Rechartering Jeffrey Hutzelman
- Re: [Ietf-krb-wg] Rechartering Tom Yu
- Re: [Ietf-krb-wg] Rechartering Nico Williams
- Re: [Ietf-krb-wg] Rechartering Jeffrey Hutzelman
- Re: [Ietf-krb-wg] Rechartering Henry B. Hotz
- Re: [Ietf-krb-wg] Rechartering Jeffrey Hutzelman
- Re: [Ietf-krb-wg] Rechartering Jeffrey Hutzelman
- Re: [Ietf-krb-wg] Rechartering Sam Hartman
- [Ietf-krb-wg] Charter Scope Sam Hartman
- Re: [Ietf-krb-wg] Charter Scope Nico Williams
- Re: [Ietf-krb-wg] Charter Scope Thomas Hardjono
- Re: [Ietf-krb-wg] Charter Scope Sam Hartman