Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

"Hannes Tschofenig" <Hannes.Tschofenig@gmx.net> Thu, 12 February 2009 18:22 UTC

The main issue I have been struggling with these authorization extensions
inside TLS is that they happen at the wrong layer.

Today, we see similar functionality being deployed at higher layers. I doubt
that a standardized authorization mechanism inside TLS will have a lot of
impact. 

Ciao
Hannes

>-----Original Message-----
>From: ietf-bounces@ietf.org [mailto:ietf-bounces@ietf.org] On 
>Behalf Of Angelos D. Keromytis
>Sent: 12 February, 2009 11:21
>To: Alfred Hönes
>Cc: dean@av8.com; tls@ietf.org; ietf@ietf.org
>Subject: Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07 
>
>Alfred,
>neither of the cited KeyNote drafts (nor the KeyNote system 
>itself) is patent-encumbered. However, I admit to not (yet) 
>having paid close attention to the details of the IPR issues 
>around tls-authz-extns itself and their potential impact to 
>tls-authz-keynote.
>
>I have started draft-keromytis-keynote-x509-01 through the 
>RFC-fication process (currently discussing with a reviewer), 
>since it does not depend on authz (or any other pending work 
>in any WG). I have been waiting for tls-authz-extns to go 
>through the process before I start with 
>draft-keromytis-tls-authz-keynote-01. I invite every 
>interested party to send me comments. You may find it useful 
>to first read RFCs 2704 (at least the first few sections) and 2792.
>Best,
>-Angelos
>
>
>On Feb 11, 2009, at 7:02 PM, Alfred Hönes wrote:
>
>> At Wed, 11 Feb 2009 16:20:14 -0500 (EST), Dean Anderson  wrote:
>>
>>>                                                      ...  And as 
>>> programmer and developer, I will probably have some non-patented 
>>> alternatives to present.
>>>
>>>              --Dean
>>
>> Dean,
>> that's really laudable progress, leading back to technical discussion
>> of possible alternative solutions.
>> Please indeed prepare such I-D as soon as feasible.
>>
>>
>> I heartily invite other interested parties as well to submit their 
>> proposals to the TLS WG, and I hereby explicitly would like to 
>> address those many folks that newly started being interested in IETF 
>> work in general and further development and application of TLS in 
>> particular.
>>
>> In order to make life easier for all participants, I suggest to start
>> with streamlined draft names like draft-<author>-tlz-authz-<xxx>-00 .
>>
>> The WG should be able to perform an unprejudiced discussion of 
>> alternative proposals before it comes to determine consensus whether 
>> there is enough interest and support to warrant adopting 'TLS 
>> Authorization' as a new work item, and if so, which
>> draft(s) to base the WG project on.
>>
>> I personally promise to review sound draft proposals in time before 
>> such WG decision (perhaps not initial -00 versions, only enough 
>> elaborate refined versions).
>>
>>
>> One immediate question to the group and the respective author:
>>
>> Draft-housley-tls-authz-extns only defines a framework, and according
>> to the past exegesis of the imprecise IPR statements under discussion,
>> only the application of that framework to specific use cases might be
>> encumbered by these claims.
>> However, the recent I-D, draft-keromytis-tls-authz-keynote-01,
>> together with a supporting sibling document,
>> draft-keromytis-keynote-x509-01 (both still rough and lacking 
>> important details), defines a concrete instantiation of that 
>> framework.
>> In how far is that instantiation encumbered by these IPR claims?
>> Is it burdened with other patent claims?
>>
>>
>> Kind regards,
>>  Alfred Hönes.
>>
>> --
>>
>> +------------------------+--------------------------------------------+
>> | TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
>> | Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
>> | D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |
>> +------------------------+--------------------------------------------+
>>
>>
>