Re: [saag] [Emu] Feedback on Salted EAP draft
Stefan Winter <stefan.winter@restena.lu> Thu, 16 July 2015 09:17 UTC
Return-Path: <stefan.winter@restena.lu>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33F301A86E9; Thu, 16 Jul 2015 02:17:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01, WEIRD_PORT=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ASV-GjlTkGmM; Thu, 16 Jul 2015 02:17:12 -0700 (PDT)
Received: from smtprelay.restena.lu (smtprelay.restena.lu [IPv6:2001:a18:1::62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C1E8F1A86E8; Thu, 16 Jul 2015 02:17:12 -0700 (PDT)
Received: from aragorn.restena.lu (aragorn.restena.lu [IPv6:2001:a18:1:8::155]) by smtprelay.restena.lu (Postfix) with ESMTPS id D2BCD4395F; Thu, 16 Jul 2015 11:17:10 +0200 (CEST)
Message-ID: <55A77696.8060604@restena.lu>
Date: Thu, 16 Jul 2015 11:17:10 +0200
From: Stefan Winter <stefan.winter@restena.lu>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Sam Hartman <hartmans-ietf@mit.edu>
References: <CAHbuEH5u=Q_h4L4yNdrpPw1J3fAsr1MfEMBV84TgdnHVWcxX0w@mail.gmail.com> <CAHbuEH4--TP0duM-8GSaR4RaUG5DoL=QtnCFE3shHbaUNPvwVg@mail.gmail.com> <tsloane9wff.fsf@mit.edu> <CAHbuEH5cGW3pknnwseEnp=mqzrMLPFBh-bN4pd2wKKDgpS08wQ@mail.gmail.com>
In-Reply-To: <CAHbuEH5cGW3pknnwseEnp=mqzrMLPFBh-bN4pd2wKKDgpS08wQ@mail.gmail.com>
OpenPGP: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="fG6nCL5G1goLIb1mtqa9mHVGBmhDa973r"
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/5a7js0c19V7zae3Prp9qqqlb_R8>
X-Mailman-Approved-At: Thu, 16 Jul 2015 08:12:44 -0700
Cc: "saag@ietf.org" <saag@ietf.org>, emu@ietf.org
Subject: Re: [saag] [Emu] Feedback on Salted EAP draft
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jul 2015 09:17:15 -0000
Hi, > Is there interest in reviewing this draft? Sam pointed out the > importance of moving this work forward, it would be helpful to have > volunteers to review the work and also to understand the level of > interest (if any) before this goes forward as AD sponsored. FWIW, I read and commented on the draft in its -00 state. I'm still very interested in this document as it enables contemporary real-life password databases to work with pwd. I'm still happy to be the doc shepherd once the time has come to move the document forward. Greetings, Stefan Winter > > Thank you! > > On Fri, Mar 27, 2015 at 1:34 PM, Sam Hartman <hartmans-ietf@mit.edu > <mailto:hartmans-ietf@mit.edu>> wrote: > > >>>>> "Kathleen" == Kathleen Moriarty > <kathleen.moriarty.ietf@gmail.com > <mailto:kathleen.moriarty.ietf@gmail.com>> writes: > > Kathleen> I meant to send the link to Dan's draft: > Kathleen> > https://tools.ietf.org/html/draft-harkins-salted-eap-pwd-01 > Kathleen> Long week... > > I have briefly reviewed the goals behind this proposal and a sketch of > the details but have not done a technical review of the proposal. > > The underlying goal is important and valuable. > This issue is the same issue that was behind my response to your AD > review of the oauth dynamic registration draft. > The more we can do to make it possible to use deployed password > databases with more modern security, the more we will be able to employ > that modern security. > > However, take careful note of section 5 of the draft. > > Assuming that you can get positive technical reviews of the proposal, > this draft seems to solve an important problem that would be valuable to > solve in the EAP community. > > > > > -- > > Best regards, > Kathleen > > > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu > -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
- [saag] Feedback on Salted EAP draft Kathleen Moriarty
- Re: [saag] Feedback on Salted EAP draft Kathleen Moriarty
- Re: [saag] Feedback on Salted EAP draft Sam Hartman
- Re: [saag] Feedback on Salted EAP draft Kathleen Moriarty
- Re: [saag] Feedback on Salted EAP draft Christian Huitema
- Re: [saag] Feedback on Salted EAP draft Dan Harkins
- Re: [saag] Feedback on Salted EAP draft Sam Hartman
- Re: [saag] [Emu] Feedback on Salted EAP draft Stefan Winter
- Re: [saag] Feedback on Salted EAP draft Dan Harkins
- Re: [saag] Feedback on Salted EAP draft Joseph Salowey
- Re: [saag] Feedback on Salted EAP draft Dan Harkins