Re: [secdir] SECDIR review of draft-melnikov-sasl-scram-ldap-03

Barry Leiba <barryleiba.mailing.lists@gmail.com> Thu, 15 October 2009 20:44 UTC

In-Reply-To: <Pine.GSO.4.63.0910131301090.17359@sjc-cde-007.cisco.com>
References: <Pine.GSO.4.63.0910131301090.17359@sjc-cde-007.cisco.com>
Date: Thu, 15 Oct 2009 16:44:27 -0400
Message-ID: <6c9fcc2a0910151344o41516489ufd9b132d398f94d2@mail.gmail.com>
From: Barry Leiba <barryleiba.mailing.lists@gmail.com>
To: Chris Lonvick <clonvick@cisco.com>
Cc: iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] SECDIR review of draft-melnikov-sasl-scram-ldap-03

On Tue, Oct 13, 2009 at 5:57 PM, Chris Lonvick <clonvick@cisco.com> wrote:
> I'd also recommend that you revise the abstract a bit for clarity.
> CURRENT:
>   This memo describes how authPassword LDAP attribute can be used for
>   storing secrets used by Salted Challenge Response (SCRAM) Simple
>   Authentication and Security Layer (SASL) Mechanism.
> SUGGESTED:
>   This memo describes how the LDAP attribute of authPassword can be used
>   for storing secrets used by the Salted Challenge Response (SCRAM)
>   mechanism in the Simple Authentication and Security Layer (SASL)
>   framework.

I agree that strings of attributive nouns and noun-phrases can be
confusing, especially when they're long and also shown as acronyms.  I
think the second half of your suggested change is good.  But I think
the first half actually makes it worse, by making it look like there's
some attribute of authPassword that's called "LDAP".  The best way to
clarify that part is just to put the attribute name in quotes:
SUGGESTED++:
  This memo describes how the "authPassword" LDAP attribute can be used
  for storing secrets used by the Salted Challenge Response (SCRAM)
  mechanism in the Simple Authentication and Security Layer (SASL)
  framework.

Barry