Re: [Ietf-krb-wg] Gen-ART review of draft-ietf-krb-wg-otp-preauth-18

<gareth.richards@rsa.com> Fri, 26 August 2011 15:58 UTC

From: gareth.richards@rsa.com
To: simon@josefsson.org
Date: Fri, 26 Aug 2011 11:58:55 -0400
Cc: gen-art@ietf.org, david.black@emc.com, hartmans-ietf@mit.edu, ietf-krb-wg@lists.anl.gov, ietf@ietf.org
Subject: Re: [Ietf-krb-wg] Gen-ART review of draft-ietf-krb-wg-otp-preauth-18

Could we add a URI list to draft-lha-krb-wg-some-numbers-to-iana?

>
> > Some form of identifier will be required for the otp-algID in the
> > PA-OTP-CHALLENGE and the PA-OTP-REQUEST and from what I remember about
> > when this was first discussed, it was agreed that it would make sense
> > to use the registry of identifiers already being established for PSKC
> > rather than produce a duplicate one.  My assumption was that a
> > registry would be required to ensure that the URIs were unique.
> >
>
> I think a separate registry is needed, RFC 6030 requires several things
> from a profile that shouldn't be required in order to support Kerberos
> OTP.  See below.
>
> /Simon
>
> 12.4.  PSKC Algorithm Profile Registry
>
>    IANA has created a registry for PSKC algorithm profiles in accordance
>    with the principles set out in RFC 5226 [RFC5226].
>
>    As part of this registry, IANA maintains the following information:
>
>    Common Name:  The name by which the PSKC algorithm profile is
>       generally referred.
>
>    Class:  The type of PSKC algorithm profile registry entry being
>       created, such as encryption, Message Authentication Code (MAC),
>       One-Time Password (OTP), Digest.
>
>    URI:  The URI to be used to identify the profile.
>
>    Identifier Definition:  IANA will add a pointer to the specification
>       containing information about the PSKC algorithm profile
>       registration.
>
>    Algorithm Definition:  A reference to the stable document in which
>       the algorithm being used with the PSKC is defined.
>
>    Registrant Contact:  Contact information about the party submitting
>       the registration request.
>
>    Deprecated:  TRUE if this entry has been deprecated based on expert
>       approval and SHOULD not be used in any new implementations.
>       Otherwise, FALSE.
>
>    PSKC Profiling:  Information about PSKC XML elements and attributes
>       being used (or not) with this specific profile of PSKC.
>
>    PSKC algorithm profile identifier registrations are to be subject to
>    Specification Required as per RFC 5226 [RFC5226].  Updates can be
>    provided based on expert approval only.  Based on expert approval, it
>    is possible to mark entries as "deprecated".  A designated expert
>    will be appointed by the IESG.
>
>    IANA has added two initial values to the registry based on the
>    algorithm profiles described in Section 10.
