Re: [SPKM] RE: Comments on draft-zhu-pku2u-01.txt
Sam Hartman <hartmans-ietf@mit.edu> Mon, 19 March 2007 16:13 UTC
Return-path: <spkm-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HTKUO-0006ND-Rd; Mon, 19 Mar 2007 12:13:40 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HTKUO-0006N3-Fc for spkm@ietf.org; Mon, 19 Mar 2007 12:13:40 -0400
Received: from dhcp-1226.ietf68.org ([130.129.18.38] helo=carter-zimmerman.mit.edu) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1HTKUN-0002Fy-2q for spkm@ietf.org; Mon, 19 Mar 2007 12:13:40 -0400
Received: by carter-zimmerman.mit.edu (Postfix, from userid 8042) id EF41BE031C; Mon, 19 Mar 2007 12:13:22 -0400 (EDT)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: Jeffrey Hutzelman <jhutz@cmu.edu>
Subject: Re: [SPKM] RE: Comments on draft-zhu-pku2u-01.txt
References: <Pine.LNX.4.33L.0703181955190.1982-100000@minbar.fac.cs.cmu.edu>
Date: Mon, 19 Mar 2007 12:13:22 -0400
In-Reply-To: <Pine.LNX.4.33L.0703181955190.1982-100000@minbar.fac.cs.cmu.edu> (Jeffrey Hutzelman's message of "Sun, 18 Mar 2007 19:58:50 -0400 (EDT)")
Message-ID: <tslejnlw6sd.fsf@cz.mit.edu>
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Spam-Score: 0.1 (/)
X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228
Cc: Michael.Eisler@netapp.com, kitten@lists.ietf.org, spkm@ietf.org, andros@citi.umich.edu
X-BeenThere: spkm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Low Infrastructure Public Key GSS mechanism <spkm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/spkm>, <mailto:spkm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/spkm>
List-Post: <mailto:spkm@ietf.org>
List-Help: <mailto:spkm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/spkm>, <mailto:spkm-request@ietf.org?subject=subscribe>
Errors-To: spkm-bounces@ietf.org
>>>>> "Jeffrey" == Jeffrey Hutzelman <jhutz@cmu.edu> writes: Jeffrey> On Sun, 18 Mar 2007, Liqiang(Larry) Zhu wrote: >> Jeffrey Hutzelman wrote: > Why? How does the initiator handle >> these tokens? If it does so in any > way other than by >> producing a new token, then the acceptor should not be > >> returning GSS_S_CONTINUE_NEEDED. >> >> The deployment experience shows that if the client (instead of >> the acceptor or the KDC) can log the error information, the >> cost of trouble shooting is significantly lower. >> >> If the acceptor returns a KRB_ERROR message with a status that >> is anything but GSS_S_CONTINUE_NEEDED, there is no guarantee >> and it is in fact very unlikely that the trouble-shooting >> information can make it to the client side in order to get >> logged. Jeffrey> No; you are confused. GSS_S_CONTINUE_NEEDED does not Jeffrey> mean "there is a token to send to the peer". It means Jeffrey> "another token is expected from the peer". Any token Jeffrey> produced by GSS_Accept_sec_context should be sent to the Jeffrey> peer regardless of the returned status code. Jeffrey> Behaving otherwise violates the abstraction and will Jeffrey> break application protocols which expect the GSS-API to Jeffrey> behave as specified, regardless of which mechanism is Jeffrey> being used. I strongly agree with Jeff here. _______________________________________________ SPKM mailing list SPKM@ietf.org https://www1.ietf.org/mailman/listinfo/spkm
- [SPKM] FW: I-D ACTION:draft-zhu-pku2u-01.txt Liqiang(Larry) Zhu
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Olga Kornievskaia
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Liqiang(Larry) Zhu
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Liqiang(Larry) Zhu
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Nicolas Williams
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Liqiang(Larry) Zhu
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Nicolas Williams
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Liqiang(Larry) Zhu
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Liqiang(Larry) Zhu
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Martin Rex
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Martin Rex
- Re: [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Sam Hartman
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Martin Rex
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Martin Rex
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Martin Rex
- Re: [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Martin Rex
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Olga Kornievskaia
- Re: [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Olga Kornievskaia
- [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.txt Olga Kornievskaia
- [SPKM] RE: FW: I-D ACTION:draft-zhu-pku2u-01.txt Liqiang(Larry) Zhu
- [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.txt Olga Kornievskaia
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- Re: [SPKM] RE: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Jeffrey Hutzelman
- [SPKM] Re: Comments on draft-zhu-pku2u-01.txt Martin Rex
- [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.txt Olga Kornievskaia
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Nicolas Williams
- RE: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Liqiang(Larry) Zhu
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Martin Rex
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Nicolas Williams
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Martin Rex
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Nicolas Williams
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Martin Rex
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Nicolas Williams
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Martin Rex
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Nicolas Williams
- Re: [SPKM] Re: FW: I-D ACTION:draft-zhu-pku2u-01.… Martin Rex