Proposed PRF changes to address Ken's comments
I propose the following changes to the PRF I-Ds to address Ken's
comments:
- Change the reference to the Kerberos V mechanism to be a reference to
  the CFX I-D, rather than a reference to RFC1964.
- Add the following to the Security Considerations of the base PRF I-D:

    For some mechanisms the computational cost of computing
    GSS_Pseudo_random() may increase significantly as the length of the
    prf_in data and/or the desired_output_length increase. This means
    that if an application can be tricked into providing very large input
    octet strings and requesting very long output octet strings then that
    may constitute a denial of service attack on the application;
    therefore applications SHOULD place appropriate limits on the size of
    any input octet strings received from their peers without integrity
    protection.

- In the base PRF I-D change:
- If the implementation cannot produce the desired output due to lack
- of resources then it MUST output what it can and still return
- GSS_S_COMPLETE.
to
+ If the implementation cannot produce the desired output due to lack
+ of resources then it MUST return GSS_S_FAILURE and MUST set a
+ suitable minor status code.
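Review bot: The replacement text (the + lines) does not say what becomes of the output octet string when GSS_S_FAILURE is returned. Since the removed text had the implementation "output what it can", consider stating explicitly that no partial output is returned on failure, so that a caller cannot end up using a truncated value after ignoring the major status.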
- I see no value in saying anything more about minor_status. I think
  RFCs 2743 and 2744, normative references that they are, should answer
  (or not) any questions about it.
- I await a reply from Seema about Ken's Java bindings question.
Comments?
Nico
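
A sketch of the input limits the proposed Security Considerations text asks applications to apply, added here as an example and not taken from this message or from the PRF I-Ds. Assumptions: toy_prf is a constructed counter-mode HMAC-SHA256 stand-in (not the Kerberos V mechanism's PRF), and bounded_pseudo_random, work_factor, MAX_PRF_IN and MAX_PRF_OUT are hypothetical names and limits.

```python
import hashlib
import hmac

GSS_S_COMPLETE = 0
GSS_S_FAILURE = 13 << 16  # routine error 13, as defined in RFC 2744

MAX_PRF_IN = 1024   # assumed application limit on peer-supplied prf_in (bytes)
MAX_PRF_OUT = 256   # assumed application limit on desired_output_length (bytes)


def toy_prf(key, prf_in, desired_output_length):
    """Constructed stand-in for a mechanism PRF: HMAC-SHA256 over
    counter || prf_in, repeated until enough output exists.
    Returns (output, number_of_bytes_fed_to_the_hash)."""
    out, hashed, counter = b"", 0, 0
    while len(out) < desired_output_length:
        block = counter.to_bytes(4, "big") + prf_in
        out += hmac.new(key, block, hashlib.sha256).digest()
        hashed += len(block)
        counter += 1
    return out[:desired_output_length], hashed


def work_factor(in_len, out_len):
    """Bytes hashed by toy_prf for a request of this size: the cost grows
    with the product of input length and output length."""
    _, hashed = toy_prf(b"k" * 32, b"\x00" * in_len, out_len)
    return hashed


def bounded_pseudo_random(key, prf_in, desired_output_length):
    """Hypothetical application wrapper: reject oversized requests before
    any PRF work is done. Returns (major_status, output); on failure the
    output is empty, never a partial result."""
    if len(prf_in) > MAX_PRF_IN or not 0 <= desired_output_length <= MAX_PRF_OUT:
        return GSS_S_FAILURE, b""
    out, _ = toy_prf(key, prf_in, desired_output_length)
    return GSS_S_COMPLETE, out


if __name__ == "__main__":
    # Constructed request sizes: small, at the limits, and far beyond them.
    for in_len, out_len in [(64, 32), (1024, 256), (65536, 4096)]:
        print(in_len, out_len, work_factor(in_len, out_len))
```
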
Kitten mailing list
Kitten at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/kitten