[Isms] d) was dublin isms meeting minutes

["tom.petch" <cfinss at dial.pipex.com>]

----- Original Message -----
From: "Juergen Schoenwaelder" <j.schoenwaelder at jacobs-university.de>
To: <isms at ietf.org>
Sent: Friday, August 29, 2008 3:44 PM
Subject: [Isms] dublin isms meeting minutes

<snip>

>    d) We can assume that SSH provides to us a suitable user name
>     that does not need a specific mapping. For SSH authentication
>     mechanisms such as GSSAPI, we can assume that SSH internally
>     maps into a user name that can be used outside of SSH.

This puzzles me.  To quote Jeff from the thread on  'mapping here ...',

"I suspect the best thing to do is to assume that the architecture has a
32-character limit for security names, keep that same limit in TSM, and arrange
for SSHTM to never emit names longer than that."

which sounds suspiciously like a requirement for a mapping in SSHTM to me.

In previous discussions on this, it was posited that user names might be
(lengthy) OIDs or fingerprints and that DOCSIS had particular requirements here
(not sure what they were).


And, when this came up before, there were doubts about compatability of
character set.

I take it that

"         this
          information is represented using the ISO/IEC
          IS 10646-1 character set, encoded as an octet
          string using the UTF-8 transformation format
          described in [RFC2279]."

is essentially the same as

"user name on the client host in ISO-10646 UTF-8 encoding [RFC3629]
?


Tom Petch


_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms