IETF Logo Mail Archive

[vwrap] Why are we standardizing the login handshake? (was RE: one question)

"Hurliman, John" <john.hurliman@intel.com> Fri, 24 September 2010 21:51 UTC

Return-Path: <john.hurliman@intel.com>
X-Original-To: vwrap@core3.amsl.com
Delivered-To: vwrap@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7EC7F3A6A58 for <vwrap@core3.amsl.com>; Fri, 24 Sep 2010 14:51:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.231
X-Spam-Level:
X-Spam-Status: No, score=-6.231 tagged_above=-999 required=5 tests=[AWL=0.368, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rmQ42o-qPL0v for <vwrap@core3.amsl.com>; Fri, 24 Sep 2010 14:51:29 -0700 (PDT)
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by core3.amsl.com (Postfix) with ESMTP id 642883A6A45 for <vwrap@ietf.org>; Fri, 24 Sep 2010 14:51:24 -0700 (PDT)
Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga102.jf.intel.com with ESMTP; 24 Sep 2010 14:51:57 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="4.57,231,1283756400"; d="scan'208";a="660890893"
Received: from rrsmsx603.amr.corp.intel.com ([10.31.0.57]) by orsmga001.jf.intel.com with ESMTP; 24 Sep 2010 14:51:53 -0700
Received: from rrsmsx506.amr.corp.intel.com ([10.31.0.39]) by rrsmsx603.amr.corp.intel.com ([10.31.0.57]) with mapi; Fri, 24 Sep 2010 15:51:52 -0600
From: "Hurliman, John" <john.hurliman@intel.com>
To: "vwrap@ietf.org" <vwrap@ietf.org>
Date: Fri, 24 Sep 2010 15:51:53 -0600
Thread-Topic: Why are we standardizing the login handshake? (was RE: [vwrap] one question)
Thread-Index: ActcMeW5D9P/8FMrS92kaNnMWb+9JQ==
Message-ID: <62BFE5680C037E4DA0B0A08946C0933D012AD7E06A@rrsmsx506.amr.corp.intel.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [vwrap] Why are we standardizing the login handshake? (was RE: one question)
X-BeenThere: vwrap@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual World Region Agent Protocol - IETF working group <vwrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/vwrap>, <mailto:vwrap-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vwrap>
List-Post: <mailto:vwrap@ietf.org>
List-Help: <mailto:vwrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vwrap>, <mailto:vwrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Sep 2010 21:51:31 -0000

> ...
> 
> Great. Now can you please explain to me why this matters for interop:
> http://tools.ietf.org/html/draft-ietf-vwrap-authentication-00
> Not just the title, but the actual content of that draft.
> 

That's the concise example of what doesn't fit that I was looking for, thank you. Honestly, I have no idea how we are furthering interop by standardizing the login process. Maybe it fits in as an authentication step? But--and I'm going to keep using the OpenID analogy here because I think there are a lot of similarities to draw on--OpenID describes its own authentication step as "and then some fill in the blank happens here". They purposely leave it out of scope and only standardize on how you prove ownership of an identity across trust domains, the server-to-server endpoints. That makes more sense to me than saying "and then you send a SHA-256 hash of your password to authenticate, and maybe wait for a maintenance daemon to do some processing, and...". Meadhbh, can you comment on this?

John

v2.8.7 | Report a Bug | By Email