Re: draft-williams-on-channel-binding-00.txt is in the I-D repository

Sam Hartman <hartmans-ietf@mit.edu> Fri, 18 August 2006 14:24 UTC

From: Sam Hartman <hartmans-ietf@mit.edu>
To: Simon Josefsson <jas@extundo.com>
Cc: ietf-sasl@imc.org, kitten@ietf.org, nfsv4@ietf.org
Subject: Re: draft-williams-on-channel-binding-00.txt is in the I-D repository
References: <20060815150854.GM4099@binky.Central.Sun.COM> <87ac663pzs.fsf@latte.josefsson.org>
Date: Fri, 18 Aug 2006 10:23:57 -0400
In-Reply-To: <87ac663pzs.fsf@latte.josefsson.org> (Simon Josefsson's message of "Tue, 15 Aug 2006 18:47:35 +0200")
Message-ID: <tslsljuunpe.fsf@cz.mit.edu>
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-sasl@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-ID: <ietf-sasl.imc.org>
List-Unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>

>>>>> "Simon" == Simon Josefsson <jas@extundo.com> writes:

    Simon> Nicolas Williams <Nicolas.Williams@sun.com> writes:

    >> Folks, the replacement for draft-ietf-nfsv4-channel-bindings,
    >> draft-williams-on-channel-binding-00.txt, is now in the I-D
    >> repository.
    >> 
    >> It has also been significantly expanded.  Please review.  I'd
    >> like to ask the security ADs for an IETF Last Call on this I-D
    >> soon.

    Simon> Looks good in general.  A general design question:

    Simon> What about SASL/GS2 over TLS over SSH over IPSEC?  What are
    Simon> the channel bindings for that?  Is it only the TLS binding?
    Simon> Consider if the application regards the TLS layer as weak
    Simon> (export ciphers) but the SSH layer as strong, would it be
    Simon> permitted to use the SSH channel binding?  This sounds to
    Simon> me like it may require negotiation in GS2.

That's the application's problem to decide.

I definitely do not think we want every mechanism that supports
binding to a channel to need negotiation for this.
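An added illustration of the point above (example code, not from this thread or from the draft): if the layer to bind to is a matter of local policy rather than negotiation, both endpoints must apply the same policy, or authentication fails even with nobody in the middle. The layer names, strengths, binding values and key are constructed stand-ins; the actual channel-binding data formats are not defined here.

```python
import hashlib
import hmac

# Constructed stand-ins for the per-connection data each layer would export.
CLIENT_VIEW = {
    "tls":   {"strength": "weak",   "binding": b"tls-conn-unique-0001"},
    "ssh":   {"strength": "strong", "binding": b"ssh-session-id-9f2c"},
    "ipsec": {"strength": "strong", "binding": b"ipsec-sa-pair-0042"},
}
# The server's view of the same connection: identical when no layer is
# terminated by an interposer (also constructed).
SERVER_VIEW = {k: dict(v) for k, v in CLIENT_VIEW.items()}
# SASL/GS2 over TLS over SSH over IPsec, innermost first.
INNER_TO_OUTER = ["tls", "ssh", "ipsec"]
KEY = b"shared-mechanism-key-for-demo"  # constructed

def choose_layer(view, acceptable):
    """Local policy: the innermost layer whose strength the application accepts."""
    for name in INNER_TO_OUTER:
        if view[name]["strength"] in acceptable:
            return name
    raise ValueError("no layer meets policy")

def prove(key, binding):
    """Stand-in for a mechanism folding channel-binding data into its proof."""
    return hmac.new(key, binding, hashlib.sha256).digest()

def gs2_authenticate(key, client_accepts, server_accepts):
    """Each side picks a layer by its own policy; nothing is negotiated.
    Returns (client_layer, server_layer, success)."""
    c_layer = choose_layer(CLIENT_VIEW, client_accepts)
    s_layer = choose_layer(SERVER_VIEW, server_accepts)
    proof = prove(key, CLIENT_VIEW[c_layer]["binding"])
    expected = prove(key, SERVER_VIEW[s_layer]["binding"])
    return c_layer, s_layer, hmac.compare_digest(proof, expected)

if __name__ == "__main__":
    # Both sides distrust the export-cipher TLS layer: both bind to SSH.
    print(gs2_authenticate(KEY, {"strong"}, {"strong"}))
    # Server accepts TLS, client does not: the bindings disagree and the
    # authentication fails with no attacker present.
    print(gs2_authenticate(KEY, {"strong"}, {"weak", "strong"}))
```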