Re: CIFS and the krb5 PRF

To: Andrew Bartlett <abartlet at samba.org>
Subject: Re: CIFS and the krb5 PRF
From: Jeffrey Altman <jaltman at columbia.edu>
Date: Mon, 27 Jun 2005 05:27:50 -0400
Cc: kitten at ietf.org, Sam Hartman <hartmans-ietf at mit.edu>
In-reply-to: <1119863504.8698.22.camel@amy.flyaway.abartlet.net>
List-archive: <http://www1.ietf.org/pipermail/kitten>
List-help: <mailto:kitten-request@lists.ietf.org?subject=help>
List-id: Common Authentication Technologies - Next Generation <kitten.lists.ietf.org>
List-post: <mailto:kitten@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@lists.ietf.org?subject=unsubscribe>
Organization: No Longer Affiliated with Columbia University in the City of New York
References: <1113608643.7488.274.camel@amy.samba4.abartlet.net> <42607B3A.3010806@columbia.edu> <42608663.2060506@sun.com> <200504211232.20480.mpeterson@vintela.com> <tsld5q88ze0.fsf@cz.mit.edu> <1119863504.8698.22.camel@amy.flyaway.abartlet.net>
Sender: kitten-bounces at lists.ietf.org
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414

Andrew Bartlett wrote:

> Given the strongly held views of represented here that Samba4 (in
> particular) should not be locked into a particular Kerberos/GSSAPI
> implementation, where should I address discussion about the changes that
> Samba4 requires?
> 
> I have already made a number of experimental modifications to Heimdal
> kerberos (a copy of which we will ship built into Samba4 for initial
> release).  While I already get some good feedback from Love, I know
> others have views.  
> 
> The 'CIFS Session key' export is just one of these required extensions -
> we also need to change the GSS_Wrap arguments to support AEAD, and
> closer control over the underlying Kerberos behaviour.
> 
> Andrew Bartlett

Discussions of proprietary mechanism extensions for Kerberos 5 such as
access to the Kerberos 5 ticket (or ticket parts) that you wish to be
adopted by both Heimdal and MIT Kerberos should take place on the
krbdev at mit.edu mailing list.   The same is true for anything other
change that would be incompatible with implementations of GSS API
version 2 update 1.

Discussions that are appropriate for the Kitten list are any changes
this working group should consider for GSS API version 3.

Jeffrey Altman

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Kitten mailing list
Kitten at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/kitten

Follow-Ups:
- Re: CIFS and the krb5 PRF
  - From: Andrew Bartlett

References:
- CIFS and the krb5 PRF
  - From: Andrew Bartlett
- Re: CIFS and the krb5 PRF
  - From: Jeffrey Altman
- Re: CIFS and the krb5 PRF
  - From: Wyllys Ingersoll
- Re: CIFS and the krb5 PRF
  - From: Matt Peterson
- Re: CIFS and the krb5 PRF
  - From: Sam Hartman
- Re: CIFS and the krb5 PRF
  - From: Andrew Bartlett

Prev by Date: Re: CIFS and the krb5 PRF
Next by Date: Re: CIFS and the krb5 PRF
Previous by thread: Re: CIFS and the krb5 PRF
Next by thread: Re: CIFS and the krb5 PRF
Index(es):
- Date
- Thread

Re: CIFS and the krb5 PRF

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.