Re: WG Last Call: draft-ietf-sasl-scram-02
Simon Josefsson <simon@josefsson.org> Tue, 28 July 2009 08:12 UTC
Return-Path: <owner-ietf-sasl@mail.imc.org>
X-Original-To: ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com
Delivered-To: ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D53373A6D37 for <ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com>; Tue, 28 Jul 2009 01:12:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VlvMayzEnbig for <ietfarch-sasl-archive-Zoh8yoh9@core3.amsl.com>; Tue, 28 Jul 2009 01:12:19 -0700 (PDT)
Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id 4FBA13A6ABC for <sasl-archive-Zoh8yoh9@ietf.org>; Tue, 28 Jul 2009 01:12:19 -0700 (PDT)
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n6S88KPl027346 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 28 Jul 2009 01:08:20 -0700 (MST) (envelope-from owner-ietf-sasl@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n6S88Kbv027345; Tue, 28 Jul 2009 01:08:20 -0700 (MST) (envelope-from owner-ietf-sasl@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-sasl@mail.imc.org using -f
Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n6S88HbL027337 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-sasl@imc.org>; Tue, 28 Jul 2009 01:08:19 -0700 (MST) (envelope-from simon@josefsson.org)
Received: from mocca.josefsson.org (dhcp-11c1.meeting.ietf.org [130.129.17.193]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5) with ESMTP id n6S88C9w029886 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 28 Jul 2009 10:08:14 +0200
From: Simon Josefsson <simon@josefsson.org>
To: Tom Yu <tlyu@MIT.EDU>
Cc: ietf-sasl@imc.org
Subject: Re: WG Last Call: draft-ietf-sasl-scram-02
References: <ldvbpnouhy3.fsf@cathode-dark-space.mit.edu> <87prblutda.fsf@mocca.josefsson.org>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:090728:ietf-sasl@imc.org::dY8CkpjsyCquIRRr:115N
X-Hashcash: 1:22:090728:tlyu@mit.edu::JGBKJ+qBxgdjNDsq:nqBM
Date: Tue, 28 Jul 2009 10:08:12 +0200
In-Reply-To: <87prblutda.fsf@mocca.josefsson.org> (Simon Josefsson's message of "Tue, 28 Jul 2009 10:03:29 +0200")
Message-ID: <87iqhdut5f.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.96 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Virus-Scanned: clamav-milter 0.95.2 at yxa-v
X-Virus-Status: Clean
Sender: owner-ietf-sasl@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-ID: <ietf-sasl.imc.org>
List-Unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
Simon Josefsson <simon@josefsson.org> writes: > I'll get to reviewing the technical part of the document, promise! :) > > Running idnits on the document, it says > > == The document seems to lack a disclaimer for pre-RFC5378 work, but was > first submitted before 10 November 2008. Should you add the disclaimer? > (See the Legal Provisions document at > http://trustee.ietf.org/license-info for more information.). > > The document has a long history, is the current legal boilerplate ok? This was fixed in -02, sorry I ran an older document through idnits. > However there are several documents added as references but not > mentioned in the document itself: > > == Unused Reference: 'I-D.ietf-sasl-rfc2831bis' is defined on line 1050, > but no explicit reference was found in the text > > == Unused Reference: 'RFC2195' is defined on line 1055, but no explicit > reference was found in the text > > == Unused Reference: 'RFC2202' is defined on line 1059, but no explicit > reference was found in the text This comment still holds. -02 also contain a dangling reference to PKIX: == Unused Reference: 'RFC5280' is defined on line 1042, but no explicit reference was found in the text > == Unused Reference: 'RFC4086' is defined on line 1065, but no explicit > reference was found in the text > > The first three should probably be just removed (?). But the last one > seems useful to reference normatively. How about adding the following > to Security Considerations? > > See [RFC4086] for more information about generating randomness. This comment also still holds. /Simon
- WG Last Call: draft-ietf-sasl-scram-02 Tom Yu
- Re: WG Last Call: draft-ietf-sasl-scram-02 Chris Newman
- Re: WG Last Call: draft-ietf-sasl-scram-02 Jeffrey Hutzelman
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Peter Saint-Andre
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Chris Newman
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Jeffrey Hutzelman
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Nicolas Williams
- Re: WG Last Call: draft-ietf-sasl-scram-02 Nicolas Williams
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Nicolas Williams
- Re: WG Last Call: draft-ietf-sasl-scram-02 Nicolas Williams
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Nicolas Williams
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Peter Saint-Andre
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Peter Saint-Andre
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Nicolas Williams
- Re: WG Last Call: draft-ietf-sasl-scram-02 Peter Saint-Andre
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Peter Saint-Andre
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Kurt Zeilenga
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov
- Re: WG Last Call: draft-ietf-sasl-scram-02 Peter Saint-Andre
- Re: WG Last Call: draft-ietf-sasl-scram-02 Simon Josefsson
- Re: WG Last Call: draft-ietf-sasl-scram-02 Peter Saint-Andre
- Re: WG Last Call: draft-ietf-sasl-scram-02 Dave Cridland
- Re: WG Last Call: draft-ietf-sasl-scram-02 Alexey Melnikov