Re: [Ietf-krb-wg] Rechartering

Thomas Hardjono <hardjono@MIT.EDU> Wed, 16 March 2011 14:56 UTC

From: Thomas Hardjono <hardjono@MIT.EDU>
To: "ietf-krb-wg@anl.gov" <ietf-krb-wg@anl.gov>
Date: Wed, 16 Mar 2011 10:57:46 -0400
Cc: "tim.polk@nist.gov" <tim.polk@nist.gov>
Subject: Re: [Ietf-krb-wg] Rechartering

Jeff, Larry, Tim,

I think the WG charter also needs to have language that expresses the
openness of the WG to the addition of well-defined new items (that are
not currently listed in the charter). It also needs to define the
process to add such new items (beyond waiting for a recharter every
several years).

Otherwise we may have the situation where there are X number of items
progressing at glacial speed (because of one reason or another) and
the WG not accepting new items because these X items are stuck. Such a
situation would not encourage newcomers with new ideas to the WG.

ps. The draft looks good - I'll send other comments separately.


Thanks.

/thomas/

______________________________


> -----Original Message-----
> From: ietf-krb-wg-bounces@lists.anl.gov [mailto:ietf-krb-wg-bounces@lists.anl.gov] On Behalf Of Jeffrey Hutzelman
> Sent: Wednesday, March 16, 2011 12:33 AM
> To: ietf-krb-wg@anl.gov
> Cc: jhutz@cmu.edu
> Subject: [Ietf-krb-wg] Rechartering
> 
> OK, folks.  Below is draft 00 of a proposed charter update for the
> Kerberos working group.  I think this covers nearly all of the
> proposals I'm aware of, with the exception of KX509, which is missing
> from this draft only because I'm tired and haven't figured out how to
> write it up.
> 
> A couple of notes...
> 
> - This covers only the "Description of Working Group" part of the
>   charter, which should be the only part needing group discussion.
>   Milestones will be by agreement between the chairs, authors, and AD,
>   and the rest is formulaic.
> 
> - I believe we work most effectively with a set of reasonable focused
>   tasks, rather than a broad unrestricted mandate.  Therefore, the
>   work items in this proposal tend to be fairly focused.  The major
>   exception is enctype work, because it has been clearly demonstrated
>   that we need the flexibility to adopt or review work in this area
>   as needed and on an ongoing basis.
> 
> - Generally, I believe working groups should be chartered to solve
>   specific problems, rather than to work on specific documents.  I
>   also believe that charters should usually leave the working group
>   free to choose the most appropriate solution or to develop more than
>   one solution when circumstances warrant.  Therefore, the work items
>   in this proposal tend to focus on a problem without mandating any
>   particular solution, and except for the "Complete existing work"
>   item, do not name specific documents.
> 
> - Formally, charter updates do not require working group consensus;
>   rather, they are a matter for the IESG and the responsible AD.
>   However, in practice, a charter which is supported by a consensus
>   of the working group is likely to be adopted with little difficulty,
>   especially if there is demonstrated support in the form of volunteers
>   willing to contribute to, edit, and review documents.  Therefore, I
>   intend to send this on only when I believe that such a consensus and
>   support exists.
> 
> Please send any comments to me and/or to the list.
> 
> -- Jeff
> 
> Description of Working Group:
> 
> Kerberos over the years has been ported to virtually every operating
> system.  There are at least two open source versions, with numerous
> commercial versions based on these and other proprietary
> implementations.
> Kerberos evolution has continued in recent years, with the development
> of new crypto and preauthentication frameworks, support for initial
> authentication using public keys, improved support for protecting
> clients' long-term keys during initial authentication, support for
> anonymous and partially-anonymous authentication, and numerous
> extensions developed in and out of the IETF.
> 
> However, wider deployment and advances in technology bring with them
> both new challenges and new opportunities, such as exploring support
> for new mechanisms for initial authentication, new cryptographic
> technologies, and better integration of Kerberos with other systems for
> authentication, authorization, and identity management.
> In addition, several key features remain undefined.
> 
> The Kerberos Working Group will continue to improve the core Kerberos
> specification, develop extensions to address new needs and technologies
> related to the areas described above, and produce specifications for
> missing functionality.
> 
> 
> Specifically, the Working Group will:
> 
> * Complete existing work, including:
>    - DHCP Option               (draft-sakane-dhc-dhcpv6-kdc-option-09.txt)
>    - KDC Data Model            (draft-ietf-krb-wg-kdc-model-08.txt)
>    - One-Time Passwords        (draft-ietf-krb-wg-otp-preauth-13.txt)
>    - IAKERB                    (draft-ietf-krb-wg-iakerb-02.txt)
>    - Single-DES Deprecation    (draft-lha-des-die-die-die-05.txt)
> 
>    - Hash agility for GSS-KRB5 (draft-ietf-krb-wg-gss-cb-hash-agility-05.txt)
>    - Hash agility for PKINIT   (draft-ietf-krb-wg-pkinit-alg-agility-04.txt)
>    - Referrals                 (draft-ietf-krb-wg-kerberos-referrals-11.txt)
>    - Set/Change Password       (draft-ietf-krb-wg-kerberos-set-passwd-06.txt)
> 
> * Prepare and advance one or more standards-track specifications which
>   update the Kerberos version 5 protocol in a backward-compatible way
>   to support non-ASCII principal and realm names, salt strings, and
>   passwords, and localized error reporting.
> 
> * Prepare and advance one or more standards-track specifications which
>   update the Kerberos version 5 protocol in a backward-compatible way
>   to enable future protocol revisions and extensions.
> 
> * Prepare, review, and advance standards-track and informational
>   specifications defining use of new cryptographic algorithms in the
>   Kerberos protocol, on an ongoing basis.
> 
> * Prepare and advance one or more standards-track specifications
>   defining a generalized Principal Authorization Data (PAD) structure
>   for conveying authorization-related information.
> 
> * Prepare and advance one or more standards-track specifications
>   which define mechanisms for establishing keys and configuration
>   information used during authentication between Kerberos realms.
> 
> * Prepare and advance a standards-track specification defining a
>   format for the transport of Kerberos credentials within other
>   protocols.
> 
> * Produce an LDAP schema for management of the KDC's database.
> 
> 