Re: [TLS] Negotiation in draft-santesson-tls-gssapi

To: lzhu at windows.microsoft.com (Larry Zhu)
Subject: Re: [TLS] Negotiation in draft-santesson-tls-gssapi
From: Martin Rex <Martin.Rex at sap.com>
Date: Thu, 19 Jul 2007 04:05:13 +0200 (MEST)
Cc: Nicolas.Williams at sun.com, tls at ietf.org
In-reply-to: <CAAAEFE273EAD341A4B02AAA9CA6F73306C735D5@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com> from "Larry Zhu" at Jul 18, 7 05:41:49 pm
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Reply-to: martin.rex at sap.com

Larry Zhu wrote:
> 
> The current ID gives us the means to do both, the GSS data can be in
> clear text or encrypted.

*I* certainly can not see that in the current draft.

>
> The GSS-API token can contain the real GSS
> mechanism tokens protected by certificate-based TLS.

How?  You mean by renegotiation -- similar to how one can
protect the SSL client cert?  that would add roundtrips, wouldn't it?

> 
> Comparing Martin's rough proposal, the current ID optimizes for the
> minimal # of roundtrips and gives us more a more generic and more
> extensible solution. 

If you coalesce the first GSS-API context establishment roundtrip
onto the TLS finished messages you have the same amount of roundtrips
for a TLS+rfc-1964 kerberos authentication than for a plain TLS
handshake.   

Did I miss a clever roundtrip reduction of the TLS handshake
in the current ID, or could there be an error in your counting?

> 
> The # of roundtrip is important for some applications and environments.
> Therefore the current ID wins with a clear cut in term of the required #
> of round-trips.

When SPNEGO is used in the current proposal and the optimistic
token is wrong on the, then the current ID incurs an additional roundtrip.
My proposal didn't need an optimistic token and therefore can not
suffer such an additional-roundtrip penalty.

To me, this looks like equal roundtrips, and a loss for the current ID
if the optimistic token is wrong compared to my envisoned architecture.

-Martin

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Negotiation in draft-santesson-tls-gssapi
  - From: Nicolas Williams
- Re: [TLS] Negotiation in draft-santesson-tls-gssapi
  - From: Martin Rex
- RE: [TLS] Negotiation in draft-santesson-tls-gssapi
  - From: Larry Zhu

References:
- RE: [TLS] Negotiation in draft-santesson-tls-gssapi
  - From: Larry Zhu

Prev by Date: RE: [TLS] Negotiation in draft-santesson-tls-gssapi
Next by Date: RE: [TLS] Negotiation in draft-santesson-tls-gssapi
Previous by thread: RE: [TLS] Negotiation in draft-santesson-tls-gssapi
Next by thread: RE: [TLS] Negotiation in draft-santesson-tls-gssapi
Index(es):
- Date
- Thread

Re: [TLS] Negotiation in draft-santesson-tls-gssapi

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.