Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
Chris Newman <Chris.Newman@Sun.COM> Fri, 27 July 2007 14:02 UTC
Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IEQOd-0007Rb-BV; Fri, 27 Jul 2007 10:02:23 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IEQOb-0007RW-PC for tls@ietf.org; Fri, 27 Jul 2007 10:02:21 -0400
Received: from brmea-mail-2.sun.com ([192.18.98.43]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IEQOb-0005As-4g for tls@ietf.org; Fri, 27 Jul 2007 10:02:21 -0400
Received: from fe-amer-06.sun.com ([192.18.108.180]) by brmea-mail-2.sun.com (8.13.6+Sun/8.12.9) with ESMTP id l6RE2K58020400 for <tls@ietf.org>; Fri, 27 Jul 2007 14:02:20 GMT
Received: from conversion-daemon.mail-amer.sun.com by mail-amer.sun.com (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) id <0JLU00301C7CNI00@mail-amer.sun.com> (original mail from Chris.Newman@Sun.COM) for tls@ietf.org; Fri, 27 Jul 2007 08:02:20 -0600 (MDT)
Received: from [10.1.110.5] (dhcp-1695.ietf69.org [130.129.22.149]) by mail-amer.sun.com (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with ESMTPSA id <0JLU007H7CBTLV00@mail-amer.sun.com>; Fri, 27 Jul 2007 08:02:20 -0600 (MDT)
Date: Fri, 27 Jul 2007 09:03:04 -0500
From: Chris Newman <Chris.Newman@Sun.COM>
Subject: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
In-reply-to: <46A91838.5050705@secure-endpoints.com>
To: jaltman@secure-endpoints.com
Message-id: <4326E17DC83C408C88F440C0@446E7922C82D299DB29D899F>
MIME-version: 1.0
X-Mailer: Mulberry/3.1.6 (Mac OS X)
Content-type: text/plain; format="flowed"; charset="us-ascii"
Content-transfer-encoding: 7bit
Content-disposition: inline
References: <200707171840.l6HIeg9M018099@fs4113.wdf.sap.corp> <48A6320349FD1EDBE937A357@dhcp-26f9.ietf69.org> <C4E819FF73EA6ED22A3906CD@446E7922C82D299DB29D899F> <7CD9366321AC463125D19ED4@446E7922C82D299DB29D899F> <46A91838.5050705@secure-endpoints.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7655788c23eb79e336f5f8ba8bce7906
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
Jeffrey Altman wrote on 7/26/07 17:55 -0400: > Chris Newman wrote: >> I will certainly do that. However, I recommend you talk to >> application developers who consume TLS and GSSAPI/SSPI/SASL/EAP APIs >> to see how they feel about these issues. >> > Chris: > > If I am reading you correctly, you would like to see proposals for > example describing how the Windows SSPI and OpenSSL among other TLS > implementations would need to be modified to support the described > functionality. I think that this is a very important consideration and > I would be happy to propose changes for OpenSSL as I was involved in > adding the support for TLS KRB5 to OpenSSL many years ago. Yes. And it's not just changes to the TLS stacks, but also to the applications that consume the TLS stacks. I also encourage serious consideration of alternate approaches that involve fewer changes to the TLS stack. - Chris _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] the use cases for GSS-based TLS and the ple… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Love Hörnquist Åstrand
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Love Hörnquist Åstrand
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Love Hörnquist Åstrand
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- RE: [TLS] the use cases for GSS-based TLS and the… Kemp, David P.
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- [TLS] Re: the use cases for GSS-based TLS and the… Simon Josefsson
- RE: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- Re: [TLS] Re: the use cases for GSS-based TLS and… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- [TLS] Re: the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- RE: [TLS] the use cases for GSS-based TLS and the… Kemp, David P.
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Yoav Nir
- Re: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- Re: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- RE: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Kyle Hamilton
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Kemp, David P.
- RE: [TLS] the use cases for GSS-based TLS and the… Chris Newman