Re: [TLS] Re: Review of draft-santesson-tls-gssapi-00

To: simon at josefsson.org
Subject: Re: [TLS] Re: Review of draft-santesson-tls-gssapi-00
From: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: Wed, 21 Mar 2007 14:05:57 -0400
Cc: arimed at windows.microsoft.com, tls at ietf.org
In-reply-to: <87odmmo60s.fsf@mocca.josefsson.org>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Organization: Secure Endpoints Inc.
References: <A15AC0FBACD3464E95961F7C0BCD1FF01EEDF5A8@EA-EXMSG-C307.europe.corp.microsoft.com> <200703081752.SAA13445@uw1048.wdf.sap.corp> <A15AC0FBACD3464E95961F7C0BCD1FF01EEDF84A@EA-EXMSG-C307.europe.corp.microsoft.com> <861wjyfnmp.fsf@delta.rtfm.com> <A15AC0FBACD3464E95961F7C0BCD1FF01EEDF88A@EA-EXMSG-C307.europe.corp.microsoft.com> <86fy8ee7g5.fsf@delta.rtfm.com> <A15AC0FBACD3464E95961F7C0BCD1FF01EEDFC6F@EA-EXMSG-C307.europe.corp.microsoft.com> <B356D8F434D20B40A8CEDAEC305A1F2403E92576@esebe105.NOE.Nokia.com> <A15AC0FBACD3464E95961F7C0BCD1FF01EF5FEA6@EA-EXMSG-C307.europe.corp.microsoft.com> <B356D8F434D20B40A8CEDAEC305A1F2403E92709@esebe105.NOE.Nokia.com> <33F43BC3-4F76-48B1-9DC9-3B05C951C7BE@checkpoint.com> <B356D8F434D20B40A8CEDAEC305A1F2403ECA9BA@esebe105.NOE.Nokia.com> <802A881C87166D4597F9EEFC3F04F4F80468C8EE@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com> <B356D8F434D20B40A8CEDAEC305A1F2403ECAA05@esebe105.NOE.Nokia.com> <87odmmo60s.fsf@mocca.josefsson.org>
Reply-to: jaltman at secure-endpoints.com
User-agent: Thunderbird 1.5.0.10 (Windows/20070221)

Simon Josefsson wrote:
> I'm not convinced of that.  It is useful for TLS library APIs to be
> consistent with the TLS protocol.  Your proposal was to add the
> GSS-API negotiation after the TLS handshake.
I believe that by negotiating TLS_XXX_GSS_YYY it is implicit that the
TLS library
API must not return until after the GSS handshake has completed. 
Otherwise, what
is the point of adding the new cipher suite designator?

Jeffrey Altman

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Martin Rex
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: EKR
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: EKR
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Pasi.Eronen
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Pasi.Eronen
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Yoav Nir
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Pasi.Eronen
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Ari Medvinsky
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Pasi.Eronen
- [TLS] Re: Review of draft-santesson-tls-gssapi-00
  - From: Simon Josefsson

Prev by Date: [TLS] Re: Review of draft-santesson-tls-gssapi-00
Next by Date: [TLS] RE: Review of draft-santesson-tls-gssapi-00
Previous by thread: [TLS] Re: Review of draft-santesson-tls-gssapi-00
Next by thread: [TLS] RE: Review of draft-santesson-tls-gssapi-00
Index(es):
- Date
- Thread

Re: [TLS] Re: Review of draft-santesson-tls-gssapi-00

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.