SCRAM as GSS-API mechanism

Simon Josefsson <simon@josefsson.org> Mon, 09 March 2009 17:33 UTC

From: Simon Josefsson <simon@josefsson.org>
To: ietf-sasl@imc.org
Subject: SCRAM as GSS-API mechanism
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
Date: Mon, 09 Mar 2009 18:25:16 +0100
Message-ID: <87wsayk3r7.fsf@mocca.josefsson.org>
List-Archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-ID: <ietf-sasl.imc.org>

All,

I have posted (although manually, so it may take up to 2 days until it is
announced) draft-newman-auth-scram-gs2-01.txt.  Meanwhile, it is
available from:

http://josefsson.org/sasl-gs2/draft-newman-auth-scram-gs2-01.txt

It does not take into account the recent GS2 re-design proposals, but
merely attempts to frame the document as a 'SCRAM as GSS-API mechanism',
and refers to GS2 on how the protocol looks in SASL.

The document is thus lagging behind the discussion in the WG, but it
does contain some useful new material and differs enough from scram-gs2-00
that we believed it worthwhile posting.

The point of this document is to allow us to choose a design path with
the ability to refer to real documents.  So we have at least two
choices:

1) draft-newman-auth-scram-10.txt
   SCRAM as native SASL mechanism

2) draft-newman-auth-scram-gs2-01.txt

   SCRAM as native GSS-API mechanism.  The mapping to SASL is defined
   through GS2.

I'll try to catch up on the GS2 discussions next.  I am sorry if some of
the points made here are obsolete or irrelevant in the light of more
recent discussions, but hopefully there are at least some useful points.

/Simon
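The design choice in option 2 shows up on the wire as a GS2 header in front of the
mechanism's own first message, with the header repeated inside the signed
channel-binding attribute so that it cannot be stripped undetected. The following
is an added example, not code from the draft, the GS2 work or this post: it follows
the message layout that SCRAM eventually standardised in RFC 5802 (SCRAM-SHA-1 over
the GS2 bridge), not the layout of scram-gs2-01, and implements both the client and
the server side of one exchange. The username, password, nonces, salt and
iteration count are the documented RFC 5802 test-vector values reused as
constructed input; the channel-binding bytes in the `p=tls-unique` case are made up.

```python
"""SCRAM-SHA-1 carried over the GS2 bridge: both sides of a SASL exchange.

Added example (not from the draft or the mailing-list post). Follows the
RFC 5802 message layout and reuses its documented test-vector values as
constructed input; the p=tls-unique variant uses made-up channel-binding bytes.
"""
import base64
import hashlib
import hmac
from typing import Optional, Tuple

HASH = "sha1"


def hi(password: bytes, salt: bytes, iterations: int) -> bytes:
    """RFC 5802 Hi(): PBKDF2 with HMAC-<hash>, output length = hash length."""
    return hashlib.pbkdf2_hmac(HASH, password, salt, iterations)


def hmac_(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, HASH).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def b64(data: bytes) -> str:
    return base64.b64encode(data).decode()


def parse_gs2_header(client_first: str) -> Tuple[str, Optional[str], str, str]:
    """Split a SASL client-first-message into (cbind-flag, authzid, gs2-header, scram-bare).

    The GS2 header is  flag "," [ "a=" authzid ] ","  where flag is "n" (no channel
    binding), "y" (client supports it, server did not advertise -PLUS) or "p=<name>".
    Everything after the second comma is the mechanism's own client-first-message-bare.
    """
    flag, authzid, bare = client_first.split(",", 2)
    if not (flag in ("n", "y") or flag.startswith("p=")):
        raise ValueError("bad gs2-cbind-flag %r" % flag)
    if authzid and not authzid.startswith("a="):
        raise ValueError("bad authzid field %r" % authzid)
    header = client_first[: len(client_first) - len(bare)]
    return flag, (authzid[2:] or None), header, bare


def server_credentials(password: str, salt: bytes, iterations: int) -> Tuple[bytes, bytes]:
    """What the server stores: StoredKey and ServerKey, never the password."""
    salted = hi(password.encode(), salt, iterations)
    client_key = hmac_(salted, b"Client Key")
    return hashlib.new(HASH, client_key).digest(), hmac_(salted, b"Server Key")


def scram_exchange(username, password, client_nonce, server_nonce, salt, iterations,
                   gs2_flag="n", cbind_data=b"", client_password=None):
    """Run the full exchange and return the four messages plus the server's verdict.

    client_password lets a caller supply a wrong password on the client side while
    the server's stored keys were derived from the real one.
    """
    client_password = password if client_password is None else client_password
    # client -> server: GS2 header + client-first-message-bare
    client_first = gs2_flag + ",," + "n=%s,r=%s" % (username, client_nonce)
    flag, _authzid, header, client_first_bare = parse_gs2_header(client_first)
    stored_key, server_key = server_credentials(password, salt, iterations)
    nonce = client_nonce + server_nonce
    # server -> client
    server_first = "r=%s,s=%s,i=%d" % (nonce, b64(salt), iterations)
    # client -> server: c= carries the GS2 header plus the raw channel-binding data,
    # so an attacker who downgrades "p=" to "n" in the header breaks the signature
    if flag.startswith("p=") and not cbind_data:
        raise ValueError("p= flag requires channel-binding data")
    client_final_bare = "c=%s,r=%s" % (b64(header.encode() + cbind_data), nonce)
    auth_message = ",".join([client_first_bare, server_first, client_final_bare]).encode()
    salted = hi(client_password.encode(), salt, iterations)
    client_key = hmac_(salted, b"Client Key")
    proof = xor(client_key, hmac_(hashlib.new(HASH, client_key).digest(), auth_message))
    client_final = client_final_bare + ",p=" + b64(proof)
    # server: recover ClientKey from the proof and check H(ClientKey) == StoredKey
    recovered = xor(proof, hmac_(stored_key, auth_message))
    ok = hmac.compare_digest(hashlib.new(HASH, recovered).digest(), stored_key)
    server_final = "v=" + b64(hmac_(server_key, auth_message)) if ok else "e=invalid-proof"
    return {"client_first": client_first, "server_first": server_first,
            "client_final": client_final, "server_final": server_final, "ok": ok}


# RFC 5802 section 5 values, reused here as constructed sample input
VECTOR = dict(username="user", password="pencil",
              client_nonce="fyko+d2lbbFgONRv9qkxdawL", server_nonce="3rfcNHYJY1ZVvWVs7j",
              salt=base64.b64decode("QSXCR+Q6sek8bf92"), iterations=4096)

if __name__ == "__main__":
    for k, v in scram_exchange(**VECTOR).items():
        print("%-13s %s" % (k + ":", v))
```

Run as a script it prints the four messages of the `n,,` exchange; with
`gs2_flag="p=tls-unique"` and some channel-binding bytes the `c=` attribute grows
to cover the header and the binding data, which is the whole point of carrying the
GS2 header inside the signed AuthMessage rather than only in front of it. The
server side never sees the password, only StoredKey and ServerKey, and the
`client_password` argument lets you confirm that a wrong password yields
`e=invalid-proof` rather than a server signature.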