Re: [sasl] GS2 -19

Jeffrey Hutzelman <jhutz@cmu.edu> Fri, 08 January 2010 20:21 UTC

Date: Fri, 08 Jan 2010 15:21:33 -0500
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: Simon Josefsson <simon@josefsson.org>, sasl@ietf.org
Message-ID: <A2010FBD1D95B77848202707@atlantis.pc.cs.cmu.edu>
In-Reply-To: <16025_1262956106_o08D8O8k025053_87iqbc4udd.fsf@mocca.josefsson.org>
References: <20100108130002.22EC53A67E7@core3.amsl.com> <16025_1262956106_o08D8O8k025053_87iqbc4udd.fsf@mocca.josefsson.org>
List-Id: SASL Working Group <sasl.ietf.org>

--On Friday, January 08, 2010 02:08:14 PM +0100 Simon Josefsson 
<simon@josefsson.org> wrote:

> All,
>
> Below is the announcement of GS2 -19.  -19 attempts to address all
> concerns raised during IETF last call, including the GenArt and SecDir
> comments.
>
> To make it easy for you to help me catch any mistakes or omissions, here
> are the links Pasi provided with comments:
>
>  https://datatracker.ietf.org/idtracker/ballot/2573/
>  http://www.ietf.org/mail-archive/web/gen-art/current/msg04791.html
>  http://www.ietf.org/mail-archive/web/secdir/current/msg01242.html
>
> The diff between -18 (which was posted during the IETF week with some
> fixes) and -19 is available from:
>
> http://josefsson.org/sasl-gs2/draft-ietf-sasl-gs2-19-from-8.diff.html
>
> Diff between -17 (which was the document in IETF wide last call) and -18
> is available from:
>
> http://josefsson.org/sasl-gs2/draft-ietf-sasl-gs2-18-from-7.diff.html

Of course, a complete history is available at
<http://tools.ietf.org/html/draft-ietf-sasl-gs2-19>, including diffs 
between versions.

I see no serious problems in the recent revisions.  The chart describing 
how the channel bindings flag works seems like a good addition.  However, 
the last entry is confusing.  It appears to be describing the case where a 
client gives up because the server appears not to support CB and the client 
insists on it, whereas all of the other entries describe the server's 
behavior based on the received flag and whether the server supports CB.

This might be made more clear by s/because/if/ in that entry.

-- Jeff