Re: [TLS] the use cases for GSS-based TLS and the plea for integrating

To: jaltman at secure-endpoints.com
Subject: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
From: Chris Newman <Chris.Newman at Sun.COM>
Date: Fri, 27 Jul 2007 09:03:04 -0500
Cc: tls at ietf.org
In-reply-to: <46A91838.5050705@secure-endpoints.com>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <200707171840.l6HIeg9M018099@fs4113.wdf.sap.corp> <48A6320349FD1EDBE937A357@dhcp-26f9.ietf69.org> <C4E819FF73EA6ED22A3906CD@446E7922C82D299DB29D899F> <7CD9366321AC463125D19ED4@446E7922C82D299DB29D899F> <46A91838.5050705@secure-endpoints.com>

Jeffrey Altman wrote on 7/26/07 17:55 -0400:

Chris Newman wrote:

I will certainly do that.  However, I recommend you talk to
application developers who consume TLS and GSSAPI/SSPI/SASL/EAP APIs
to see how they feel about these issues.

Chris:

If I am reading you correctly, you would like to see proposals for
example describing how the Windows SSPI and OpenSSL among other TLS
implementations would need to be modified to support the described
functionality.  I think that this is a very important consideration and
I would be happy to propose changes for OpenSSL as I was involved in
adding the support for TLS KRB5 to OpenSSL many years ago.

Yes. And it's not just changes to the TLS stacks, but also to the applications that consume the TLS stacks.

I also encourage serious consideration of alternate approaches that involve fewer changes to the TLS stack.

               - Chris


_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
  - From: Martin Rex
- Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
  - From: Chris Newman
- RE: [TLS] the use cases for GSS-based TLS and the plea for integrating
  - From: Chris Newman
- RE: [TLS] the use cases for GSS-based TLS and the plea for integrating
  - From: Chris Newman
- Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
  - From: Jeffrey Altman

Prev by Date: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
Next by Date: RE: [TLS] the use cases for GSS-based TLS and the plea for integrating
Previous by thread: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
Next by thread: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
Index(es):
- Date
- Thread

Re: [TLS] the use cases for GSS-based TLS and the plea for integrating

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.