Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

From: Peter Sylvester <peter.sylvester at edelweb.fr>
To: Hannes Tschofenig <Hannes.Tschofenig at gmx.net>
Cc: 'Melinda Shore' <mshore at cisco.com>, tls at ietf.org, ietf at ietf.org
Date: Fri, 13 Feb 2009 00:28:28 +0100
In-reply-to: <081b01c98d46$d8c731d0$0201a8c0 at nsnintra.net>
References: <07d901c98d3e$0fdb9f70$0201a8c0 at nsnintra.net> <C5B9DD87.327A%mshore at cisco.com> <081b01c98d46$d8c731d0$0201a8c0 at nsnintra.net>

and that there aresome non-trivial advantages to carrying authorizations in-band.
Namely...

Independance between payload and security measures.
Piggybagging information on lower layers is a very old concept.

https was successful over shttp.

I think the patent is made by trolls. There seems to be
lots of evidence of prior art. sending an OSCP
response as part of the TLS session setup
is a standard, where is the difference?

The current hacks to carry SAML assertion using additional

http connection is inefficient, mildly speaking.

The authz has technical problems.
I encourage the TLS working group members to
seriously treat the issue.

Peter Sylvester

References:
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
  - From: Hannes Tschofenig
- Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
  - From: Melinda Shore
- RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
  - From: Hannes Tschofenig

Prev by Date: Re: IETF and open source license compatibility
Next by Date: Changes needed to Last Call boilerplate
Previous by thread: Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07
Next by thread: TLS authorization and RedPhone Security patent
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.