[saag] Kitten Summary - IETF 86

Shawn M Emery <shawn.emery@oracle.com> Thu, 14 March 2013 18:06 UTC

Co-chairs Attending: Sam Hartman and Shawn Emery

The WG met for the morning session on Thursday (3.14.13).

kitten and Krb-wg merger
------------------------
New charter has been approved.
Krb-wg members have been migrated to the kitten list.
Updated drafts should be prefixed with draft-kitten-*.

draft-ietf-kitten-gssapi-extensions-iana
----------------------------------------
Leif had feedback.  Chairs will send through another WGLC to get more reviewers. An
initial registry was suggested to provide guidance.

draft-ietf-kitten-sasl-saml-ec
------------------------------
Update was made with simplified session key schema, random-to-key moved to endpoints,
and advertisement of session key and enc types by acceptor.

draft-ietf-krb-wg-kdc-model
---------------------------
In RFC editor queue.  Was needing updates based on RFC editor comments/questions.

draft-ietf-krb-wg-pkinit-alg-agility
------------------------------------
RFC 3766 and RFC 6194 should be informative.
Error code 82 conflict should be reassigned.  Deployed code but impact unlikely.

draft-ietf-krb-wg-kerberos-referrals
------------------------------------
Now RFC 6806.

draft-sakane-dhc-dhcpv6-kdc-option
----------------------------------
Now RFC 6784.

draft-ietf-krb-wg-camellia-cts
------------------------------
Now RFC 6803.

draft-ietf-kitten-sasl-oauth
----------------------------
Jeff Hutzelman had made WGLC comments that entail a GSS-API abstract violation due to the
use of the mutual authentication state to indicate that the application, not the mechanism,
has performed mutual authentication.  The other two SASL mechanisms, OpenID and SAML,
have similar issues.  It was decided that there should be an interim meeting to discuss
whether we update GS2 to provision for these mechanism types or do we remove the GS2
capabilities of these SASL mechanisms.

draft-ietf-kitten-kerberos-iana-registries
------------------------------------------
New revision was made that specifies registry fields.
Consensus during the session was made to NOT create registries for:
	Application tag numbers
	Transited encoding types

New Drafts Proposed
-------------------
draft-williams-kitten-channel-bound-flag
Would not require a recharter as it corrects an existing issue with channel binding.

draft-williams-kitten-krb5-extra-rt
Would require a recharter.

draft-williams-kitten-krb5-rcache-avoidance
Already in the current charter.

draft-yu-kitten-kerberos-kdc-does-aliases
Would require a recharter.

There wasn't enough review of the above drafts by members in the room to make a call to
adopt the relevant drafts in the WG.

Open Mic
--------
No one came forward.

GSS-Profile
-----------
Sam had commented on this draft as being useful in simplifying the GSS-API.  There were
not enough reviewers in the room to make a call for adoption.  Unfortunately a charter item
(i.e. draft-yu-kitten-api-wishlist) similar to this was previously removed due to lack of
feedback or interest.

Shawn.
--
kitten co-chair