RE: [dix] DRAFT: WAE BOF minutes
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [dix] DRAFT: WAE BOF minutes
Only comment I remember in the BOF itself was EKR pointing out that the underlying aim of SASL is essentially broken, I guess that also applies to GSSAPI. Options in crypto specs are usually bad.
A distinction needs to be made between the authentication mechanism and the authentication protocol. Given an authentication mechanism such as a password, a public key, a biometric there should ideally be one protocol that supports that mechanism.
Having six different algorithms to support password exchange is broken. Six different protocols is worse.
The point of a standards process is not what you put into the spec, its what you leave out.
> -----Original Message-----
> From: Nicolas Williams [mailto:Nicolas.Williams at sun.com]
> Sent: Tuesday, July 18, 2006 8:58 AM
> To: Digital Identity Exchange
> Subject: Re: [dix] DRAFT: WAE BOF minutes
>
> On Sat, Jul 15, 2006 at 08:23:46PM +0200, Eliot Lear wrote:
> > Throughout the entire BoF there was a side conversation of
> SASL v. GSS.
>
> Mostly in the jabber room though...
>
> _______________________________________________
> dix mailing list
> dix at ietf.org
> https://www1.ietf.org/mailman/listinfo/dix
>
>
_______________________________________________
dix mailing list
dix at ietf.org
https://www1.ietf.org/mailman/listinfo/dix
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
