[saag] Kitten and Krb-wg Summary - IETF 85

Shawn M Emery <shawn.emery@oracle.com> Wed, 07 November 2012 21:48 UTC

Return-Path: <shawn.emery@oracle.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 451E221F8B99 for <saag@ietfa.amsl.com>; Wed, 7 Nov 2012 13:48:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.598
X-Spam-Status: No, score=-4.598 tagged_above=-999 required=5 tests=[AWL=-2.000, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id wdHA5LwPhxsv for <saag@ietfa.amsl.com>; Wed, 7 Nov 2012 13:48:49 -0800 (PST)
Received: from aserp1040.oracle.com (aserp1040.oracle.com []) by ietfa.amsl.com (Postfix) with ESMTP id 483E621F8B67 for <saag@ietf.org>; Wed, 7 Nov 2012 13:48:49 -0800 (PST)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com []) by aserp1040.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id qA7LmlBl032079 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <saag@ietf.org>; Wed, 7 Nov 2012 21:48:48 GMT
Received: from acsmt357.oracle.com (acsmt357.oracle.com []) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id qA7LmlGg008338 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <saag@ietf.org>; Wed, 7 Nov 2012 21:48:47 GMT
Received: from abhmt105.oracle.com (abhmt105.oracle.com []) by acsmt357.oracle.com ( with ESMTP id qA7Lmklk028666 for <saag@ietf.org>; Wed, 7 Nov 2012 15:48:46 -0600
Received: from dhcp-14cb.meeting.ietf.org (/ by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 07 Nov 2012 13:48:46 -0800
Message-ID: <509AD73F.4070602@oracle.com>
Date: Wed, 07 Nov 2012 14:48:47 -0700
From: Shawn M Emery <shawn.emery@oracle.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20121026 Thunderbird/16.0.2
MIME-Version: 1.0
To: saag@ietf.org
References: <509AC18A.7070407@oracle.com>
In-Reply-To: <509AC18A.7070407@oracle.com>
X-Forwarded-Message-Id: <509AC18A.7070407@oracle.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Source-IP: ucsinet22.oracle.com []
Subject: [saag] Kitten and Krb-wg Summary - IETF 85
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Nov 2012 21:48:50 -0000

Co-chairs: Sam Hartman, Shawn Emery, and Josh Howlett (new, absent)

The WGs met for the morning session on Tuesday (10.6.12).  The 2 1/2
hour session was combined and will be merged under the kitten WG in
the near future.

Per programming language registry update in 07 made by Alexey.  Looking for reviewers.

Now RFC 6680!

Now RFC 6616!

Now RFC 6595!

Scott Cantor gave a presentation on updates to the SASL SAML-EC draft and brought
up issues with expert review, naming and keying issues.

WGLC expired on 10/7/12.  Issues were brought up on the list.  Hannes agreed to update
the draft with example token types and fixes to the IMAP/SMTP examples.

DISCUSS brought up by Pete Resnik.

Needs to be sent to IESG (passed WGLC) and Josh will shepherd.  Tom had found an IANA
conflict, which was discussed during the Kerberos IANA status.

Approved; in RFC editor queue.

In AUTH48.

Approved; in RFC editor queue.

Suite B Profile for Kerberos 5
Kelly Burgin had presented Suite B profile use for Kerberos 5.  He is looking for
feed-back on his draft and direction on whether to adopt the draft as a WG item.

Kerberos IANA
Tom Yu had brought up a conflict with error code 82 and proposals to resolve this:
update the pkinit-alg draft, erratum for 6111, or overload the error code.
In regards to the registry draft there were questions on whether to document message
types, tags, and ASN.1.  Will take the questions to the list

Charter Discussion
New work items were discussed for the merged WGs.  Interest was gauged for each
of these potential work items, while polling for individuals that would be major
contributors and reviewers of subsequent drafts.

Kerberos Authorization Data Container Authenticated by Multiple MACs
Tom Yu had brought a question on whether the KDC MAC is meaningful without a strong
binding to the enclosing service ticket?  Will take the question to the list.

Open Mic
No one came forward.

kitten and krb-wg co-chair