[SPKM] SPKM BOF summary from IETF 67

Jeffrey Hutzelman <jhutz@cmu.edu> Thu, 09 November 2006 19:27 UTC

To: saag@mit.edu, spkm@ietf.org
Cc: hartmans-ietf@mit.edu, housley@vigilsec.com

What follows is a short summary of the SPKM BOF that was held this Monday.

Presentations are on the IETF web site:

https://datatracker.ietf.org/public/meeting_materials.cgi?meeting_num=67#wg-spkm

Full minutes will be uploaded to that site and posted to the spkm@ietf.org
mailing list in the near future.

-- Jeff


SPKM BOF - IETF 67 meeting summary

We held a BOF on the topic of building a lightweight public-key-based
GSS-API mechanism, motivated in large part by a need for such a mechanism
for NFSv4.  We began with a problem statement presentation, which was
followed by presentations on proposals for four approaches to solutions:

* Updating SPKM3
* PKU2U -- user-to-user auth based on PKINIT and GSS-krb5
* GSS-TLS -- a mechanism built on TLS and/or DTLS
* SSiLKey -- use HTTPS to obtain a token used in GSS context establishment

Polls indicated there was sufficient interest in this work and enough
people willing to work on it; however, it was not clear whether formation
of a working group was actually necessary to proceed.

The sense of the room seemed to be that leaving the choice of solution up
to the proposed WG would be counter-productive, and that any WG formed
should be constrained to a particular solution.  This led to a discussion
about the relative merits of the solutions proposed.  The conclusion was
that selection of a particular proposal was not possible in the short time
remaining in the BOF session.

As a next step, Sam will form an AD-sponsored design team to evaluate the
proposals and select one.  This group will include one of the authors of
each of the four proposals, and possibly a small number of others.  A
poll of the room indicated that the output of such a design team would
likely be acceptable to the group.

