IETF Logo Mail Archive

Re: [sasl] MOGGIES Proposed Charter

Arnt Gulbrandsen <arnt@gulbrandsen.priv.no> Mon, 24 May 2010 16:01 UTC

Return-Path: <arnt@gulbrandsen.priv.no>
X-Original-To: sasl@core3.amsl.com
Delivered-To: sasl@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3AD063A6B63 for <sasl@core3.amsl.com>; Mon, 24 May 2010 09:01:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.302
X-Spam-Level:
X-Spam-Status: No, score=-0.302 tagged_above=-999 required=5 tests=[AWL=-0.303, BAYES_50=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5VQihsLfv7nk for <sasl@core3.amsl.com>; Mon, 24 May 2010 09:01:04 -0700 (PDT)
Received: from strange.aox.org (strange.aox.org [IPv6:2001:4d88:100c::1]) by core3.amsl.com (Postfix) with ESMTP id 90DF93A6BB5 for <sasl@ietf.org>; Mon, 24 May 2010 09:01:04 -0700 (PDT)
Received: from fri.gulbrandsen.priv.no (kalyani.aox.org [79.140.39.164]) by strange.aox.org (Postfix) with ESMTP id BBB7AFA0008; Mon, 24 May 2010 16:00:56 +0000 (UTC)
Received: from arnt@gulbrandsen.priv.no by fri.gulbrandsen.priv.no (Archiveopteryx 3.1.3) with esmtpsa id 1274716854-37716-37715/8/56; Mon, 24 May 2010 18:00:54 +0200
Message-Id: <4BFAA237.3000208@gulbrandsen.priv.no>
Date: Mon, 24 May 2010 17:58:47 +0200
From: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
Organization: Me, http://arnt.gulbrandsen.priv.no
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.8pre) Gecko/20100120 Shredder/3.0.2pre
Mime-Version: 1.0
To: Nicolas Williams <Nicolas.Williams@oracle.com>
References: <20100518191521.GL9429@oracle.com> <201005202238.o4KMcML6028897@fs4113.wdf.sap.corp> <20100520225647.GX9605@oracle.com> <ldvy6fc3mg8.fsf@cathode-dark-space.mit.edu> <20100521230900.GF9605@oracle.com> <aTuL5hseOU458FLQG7pXdg.md5@lochnagar.gulbrandsen.priv.no> <20100524043655.GI9605@oracle.com> <4BFA1DFE.7040406@gulbrandsen.priv.no> <20100524153625.GJ9605@oracle.com>
In-Reply-To: <20100524153625.GJ9605@oracle.com>
Content-Type: text/plain; charset="iso-8859-1"; format="flowed"
Cc: sasl@ietf.org
Subject: Re: [sasl] MOGGIES Proposed Charter
X-BeenThere: sasl@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SASL Working Group <sasl.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sasl>, <mailto:sasl-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sasl>
List-Post: <mailto:sasl@ietf.org>
List-Help: <mailto:sasl-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sasl>, <mailto:sasl-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 May 2010 16:01:07 -0000

On 05/24/2010 05:36 PM, Nicolas Williams wrote:
> On Mon, May 24, 2010 at 08:34:38AM +0200, Arnt Gulbrandsen wrote:
>> On 05/24/2010 06:36 AM, Nicolas Williams wrote:
>>> These wouldn't be constants though -- that's part of the point.
>>
>> Aren't you talking about sendint something like "cipher suite foo is
>> pretty strong"? "Pretty strong" is a magic constant.
>
> No, not on the wire.  We're talking about the API, and the UI.

Same thing. A piece if information is sent from someone's domain to 
someone else's domain. Whether that involves network traffic is not very 
important; the most significant bit is that someone's code provides 
information to someone else's code, and the two "someone"s don't know 
each other.

> Right, and therein lies one problem with strength numbers: we've no clue
> how they'll be used, and quite possibly they'll be used inappropriately.

That applies no matter how you package the piece of information.

I know one instance where they tried to get away from packaging the 
information as a piece: A Windows thing called TWAIN where the two 
pieces of code (which may or may not be linked into the same process) 
cooperate across the API to build a UI. TWAIN does get away from the 
packaging, but the result is not nirvana.

Arnt

v2.23.0 | Report a Bug | By Email