Re: [radext] [precis] saslprepbis and NAI

Peter Saint-Andre - &yet <peter@andyet.net> Tue, 25 November 2014 02:53 UTC

Message-ID: <5473EF2A.90808@andyet.net>
Date: Mon, 24 Nov 2014 19:53:30 -0700
From: Peter Saint-Andre - &yet <peter@andyet.net>
To: Alan DeKok <aland@deployingradius.com>, precis@ietf.org, "radext@ietf.org" <radext@ietf.org>
References: <54660EE5.50503@deployingradius.com>
In-Reply-To: <54660EE5.50503@deployingradius.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/radext/_jxhVzYrujp_fbdM8J4DkhYMwLg

On 11/14/14, 7:17 AM, Alan DeKok wrote:
>    The RADEXT WG is in the last stages of publishing the updated NAI
> document:
>
> https://tools.ietf.org/html/draft-ietf-radext-nai-10
>
>    This defines a standard for "username@realm" handling, where "realm"
> is a fully qualified hostname.  It would be useful to reference that
> from the saslprepbis document.

What kind of reference do you have in mind? Perhaps a pointer from 
Section 3.4 ("Application-Layer Constructs")?

>    The NAI is used for EAP (802.1X), AAA, 3GPP, and international roaming.
>
>    The NAI is a subset of the "userpart" defined in Section 3.1 of the
> saslprepbis document, in that it *requires* "username@realm", and the
> "realm" part is a fully qualified domain name.
>
>    Hmm... I've just noticed that the ABNF in the NAI allows for IP
> addresses in the "realm" portion.  That's not the intent.  I'll have to
> go fix that.
>
>    I'd like to be sure that the NAI document is compatible with (or at
> least not in violent disagreement with) the precis work.

I've just reviewed the NAI specification. Although it does not directly
address issues such as width mapping, case mapping, and Unicode 
normalization (seemingly inheriting its handling of those issues from 
RFC 5335 for the username portion and from IDNA2008 for the realm 
portion), as far as I can see it is compatible with saslprepbis.

Peter

-- 
Peter Saint-Andre
https://andyet.com/