[TLS] the use cases for GSS-based TLS and the plea for integrating Kerberos with TLS: draft-santesson-tls-gssapi
Larry Zhu <lzhu@windows.microsoft.com> Tue, 17 July 2007 03:29 UTC
Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAdkr-00036v-9L; Mon, 16 Jul 2007 23:29:41 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IAdkp-00035c-N3 for tls@ietf.org; Mon, 16 Jul 2007 23:29:39 -0400
Received: from mail1.microsoft.com ([131.107.115.212] helo=smtp.microsoft.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IAdkp-0004nM-EI for tls@ietf.org; Mon, 16 Jul 2007 23:29:39 -0400
Received: from tk5-exhub-c104.redmond.corp.microsoft.com (157.54.70.185) by TK5-EXGWY-E801.partners.extranet.microsoft.com (10.251.56.50) with Microsoft SMTP Server (TLS) id 8.0.700.0; Mon, 16 Jul 2007 20:28:18 -0700
Received: from win-imc-02.wingroup.windeploy.ntdev.microsoft.com (157.54.69.169) by tk5-exhub-c104.redmond.corp.microsoft.com (157.54.70.185) with Microsoft SMTP Server id 8.0.726.0; Mon, 16 Jul 2007 20:28:18 -0700
Received: from WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com ([157.54.62.25]) by win-imc-02.wingroup.windeploy.ntdev.microsoft.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 16 Jul 2007 20:28:17 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
x-cr-puzzleid: {D6636E5C-6B9B-4CDB-9310-30C57050A37E}
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
x-cr-hashedpuzzle: ALsN COTW CRHp CSbw Cfbt EAxh EXbp E0Di E+hH GcWi G1zH H9MS IGKH ISEJ I2cp I6dX; 1; dABsAHMAQABpAGUAdABmAC4AbwByAGcA; Sosha1_v1; 7; {D6636E5C-6B9B-4CDB-9310-30C57050A37E}; bAB6AGgAdQBAAHcAaQBuAGQAbwB3AHMALgBtAGkAYwByAG8AcwBvAGYAdAAuAGMAbwBtAA==; Tue, 17 Jul 2007 03:27:43 GMT; dABoAGUAIAB1AHMAZQAgAGMAYQBzAGUAcwAgAGYAbwByACAARwBTAFMALQBiAGEAcwBlAGQAIABUAEwAUwAgAGEAbgBkACAAdABoAGUAIABwAGwAZQBhACAAZgBvAHIAIABpAG4AdABlAGcAcgBhAHQAaQBuAGcAIABLAGUAcgBiAGUAcgBvAHMAIAB3AGkAdABoACAAVABMAFMAOgAgAGQAcgBhAGYAdAAtAHMAYQBuAHQAZQBzAHMAbwBuAC0AdABsAHMALQBnAHMAcwBhAHAAaQA=
Content-Class: urn:content-classes:message
Date: Mon, 16 Jul 2007 20:27:43 -0700
Message-ID: <CAAAEFE273EAD341A4B02AAA9CA6F73306BB955A@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: the use cases for GSS-based TLS and the plea for integrating Kerberos with TLS: draft-santesson-tls-gssapi
Thread-Index: AcfIIm+sPHFKmZq/R5SbQADBE+k9TQ==
From: Larry Zhu <lzhu@windows.microsoft.com>
To: tls@ietf.org
X-OriginalArrivalTime: 17 Jul 2007 03:28:17.0968 (UTC) FILETIME=[846F5300:01C7C822]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22
Cc:
Subject: [TLS] the use cases for GSS-based TLS and the plea for integrating Kerberos with TLS: draft-santesson-tls-gssapi
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
As we know -02 was published and it integrates Kerberos-alike GSS mechanisms with TLS by importing the GSS key as PSK. It does so to minimize the impact to the TLS state machine. http://www.ietf.org/internet-drafts/draft-santesson-tls-gssapi-02.txt EKR requested us to nail down the use cases for this protocol and explain the rational for the integration. In response, the ID revision -03 contains the use cases and why we want to integrate Kerberos with TLS, particularly in the introduction section. http://www.secure-endpoints.com/tls-gss/draft-santesson-tls-gssapi-03.tx t The flowing document based on email posted by Larry Zhu describes additional background information for the protocol design. http://www.secure-endpoints.com/tls-gss/fka-tls.txt thanks, --larry _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] the use cases for GSS-based TLS and the ple… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Love Hörnquist Åstrand
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Love Hörnquist Åstrand
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- Re: [TLS] the use cases for GSS-based TLS and the… Love Hörnquist Åstrand
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- RE: [TLS] the use cases for GSS-based TLS and the… Kemp, David P.
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Nicolas Williams
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- [TLS] Re: the use cases for GSS-based TLS and the… Simon Josefsson
- RE: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- Re: [TLS] Re: the use cases for GSS-based TLS and… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Larry Zhu
- [TLS] Re: the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- RE: [TLS] the use cases for GSS-based TLS and the… Kemp, David P.
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- Re: [TLS] the use cases for GSS-based TLS and the… Leif Johansson
- Re: [TLS] the use cases for GSS-based TLS and the… Yoav Nir
- Re: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- Re: [TLS] the use cases for GSS-based TLS and the… Chris Newman
- RE: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Jeffrey Altman
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Kyle Hamilton
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… pgut001
- Re: [TLS] the use cases for GSS-based TLS and the… Martin Rex
- RE: [TLS] the use cases for GSS-based TLS and the… Kemp, David P.
- RE: [TLS] the use cases for GSS-based TLS and the… Chris Newman