[12:21:04] --- jas has joined
[13:45:23] --- kenh has joined
[14:17:35] --- DougEngert has joined
[14:23:34] --- hartmans has joined
[14:27:49] --- tlyu has joined
[14:30:39] --- raeburn has joined
[14:31:42] --- larry has joined
[14:32:24] --- BrianTung has joined
[14:34:28] --- Jeffrey Altman has joined
[14:34:28] <kenh> jhutz: The meeting has opened.
[14:34:44] <kenh> Web page for presentations: http://grand.central.org/krb-wg/
[14:34:54] --- ludomp has joined
[14:35:03] <BrianTung> Which draft are we talking about advancing to last call? pk-init?
[14:35:41] <hartmans> None that I know of
[14:35:46] <Jeffrey Altman> Agenda Bashing begins
[14:35:48] <hartmans> Eventually (soon?) pkinit
[14:36:47] <Jeffrey Altman> The times specified on the agenda are random guesses
[14:37:09] <Jeffrey Altman> we really need to leave time for milestone updates
[14:37:14] <Jeffrey Altman> On to Document Status Reports
[14:37:26] <Jeffrey Altman> Crypto Framework near top of RFC Editors queue
[14:37:52] <Jeffrey Altman> authors 48 hours in the next few weeks
[14:39:00] <Jeffrey Altman> two things which are different in the final version than what is in the repository. (1) addition of PRF; (2) checksum calculation for DES should include padding.
[14:39:17] <Jeffrey Altman> The existing implementations include padding in DES checksum.
[14:39:25] <BrianTung> Is this chat being dumped somewhere so we can review it later?
[14:40:08] --- rlbob has joined
[14:40:10] <kenh> All of the jabber chat logs are logged somewhere on the web ...
[14:40:14] <kenh> let me find it.
[14:40:42] <hartmans> Brian, yes. See the ietf.xmpp.org web page
[14:41:20] <Jeffrey Altman> GSSAPI-CFX. There is text from RFC 1964 which Larry believes should be imported from 1964 to discuss naming.
[14:41:54] <kenh> (FYI: http://ietf.xmpp.org redirects to www.jabber.org, and I don't know where to go from there)
[14:42:08] <BrianTung> I'll do some scrounging around.
[14:42:27] --- warlord has joined
[14:42:59] <kenh> Ah, you want: http://www.xmpp.org/ietf-logs/krb-wg@ietf.xmpp.org/2004-11-10.html
[14:43:04] <Jeffrey Altman> Please comment on the list if you have a comment. Consensus has not yet been reached. No ticket number has been issued yet.
[14:43:11] --- BrianTung has left: Disconnected
[14:43:11] --- lha has joined
[14:43:23] <Jeffrey Altman> Clarifications: was approved by the IESG. Let's try not to change it again.
[14:43:35] --- BrianTung has joined
[14:44:05] <kenh> Brian, did you see that URL?
[14:44:15] <BrianTung> Thanks, yes, I did.
[14:44:27] <Jeffrey Altman> GSS-API Mechanism Extensions: the discussions and the work will be performed in the Kitten Working Group. The Last Call on these documents will take place in both places.
[14:44:52] <Jeffrey Altman> Sam: If you are a participant in the Kerberos WG but are not interested in participating in Kitten, please contact the Chair
[14:44:56] --- kazunori has joined
[14:45:20] --- dumdidum has joined
[14:46:50] <Jeffrey Altman> Tom Yu begins:
[14:47:05] --- jhutz has joined
[14:47:07] <Jeffrey Altman> Update on Kerberos Extensibility
[14:47:31] <Jeffrey Altman> Document Status.
[14:48:03] --- amelnikov has joined
[14:48:18] <Jeffrey Altman> http://grand.central.org/krb-wg/ietf61/krbext-slides.pdf
[14:48:39] --- pbh has joined
[14:50:36] <Jeffrey Altman> ?Should we use RELATIVE-OIDs or Integers? Sam: we should stick to the decisions of the Boulder Interim meeting minutes unless someone requests to re-open the discussion.
[14:51:17] <Jeffrey Altman> Tom: we can save up to 30 bytes per message if we try hard.
[14:52:41] <Jeffrey Altman> ?which notational conventions should we use? 1510 did a poor job of maintaining consistency
[14:54:57] <Jeffrey Altman> decision to use double quotes
[14:55:58] <Jeffrey Altman> The draft will be republished as a working group draft after the blackout period
[14:57:05] <Jeffrey Altman> Open questions: . what should the module look like? . which IANA assignment policy do we want to use? (if any) .
[14:58:16] <Jeffrey Altman> . incorporate preauth framework? (defer to Sam's presentation)
[14:58:58] <Jeffrey Altman> . do we want a new document name for Kerberos Extensions?
[14:59:25] --- kazunori has left: Replaced by new connection
[14:59:37] --- kazunori has joined
[15:01:01] <Jeffrey Altman> draft-ietf-krbwg-extensible-kerberos....
[15:02:01] <kenh> jhutz: Extensive discussion about relative OIDs
[15:02:19] <kenh> jhutz: Defer the discussion about assignment of OID space.
[15:02:49] <kenh> sam: That discussion was about ASN.1 CHOICE.
[15:03:28] <kenh> jhutz: I think from looking back over the minutes of the Boulder meeting that we agreed to use relative OIDs.
[15:04:10] <kenh> ----------------
[15:04:17] <kenh> Brian Tung on pkinit
[15:06:00] <kenh> Issues closed: #499 - Refs of 1510 versus clarifications
[15:06:13] <kenh> #513 - Context tag inconsistency in TrustedCAs
[15:06:24] <kenh> #518 - Unconstrained integers
[15:06:33] <kenh> #523 - DER versus BER
[15:06:47] <kenh> #527 - Wrap CMS objects in OCTET STRING.
[15:07:29] <kenh> jhutz: We finally solved the DAMN DER VERSUS BER ISSUE! HOORAY!
[15:07:56] <kenh> More closed issues: #529 - ASN.1 inconsistency
[15:08:04] <kenh> #530 - DH group selection
[15:08:15] <kenh> #531 - Don't include root CA cert
[15:08:26] <kenh> #612 - AES algorithm OID
[15:08:33] <kenh> #666 - remove encryption cert text
[15:08:46] <kenh> #667 - Add RFC 2119 reference
[15:10:45] <kenh> lha - Re, #666, while I asked for text to be removed (because there was no protocol reference), the original issue (some certs cannot be used for encryption) still remains.
[15:12:10] <kenh> jhutz: Part of this problem is the issue of splitting a ticket. Ticket #625 (proposed by lha) was to remove the field from the protocol back in rev 20.
[15:13:06] <kenh> sam: I think that adding the encryption field is additional complexity for no real gain.
[15:13:41] <kenh> jhutz: Does MS support a signing cert with a separate encryption cert?
[15:13:51] <kenh> larry: No, we consider DH sufficient.
[15:15:08] <kenh> jhutz: Problem is that a client could have only a signing-only cert? Do we want to deal with this by supporting an additional encryption cert?
[15:15:29] <kenh> jhutz: Half the room was strong no, other half was silent, which seemed like a "don't care"
[15:15:42] <kenh> Brian: Issues believed open
[15:15:48] <Jeffrey Altman> Please revisit the topic on the list. I would like to see it supported but I don't have a strong justification for that position.
[15:16:03] <kenh> #507 - PKINIT support
[15:16:04] <jhutz> it will be revisited on the list
[15:16:11] <kenh> #512 - Unauthenticated plaintext
[15:16:26] <kenh> #516 - Mapping of cname
[15:16:35] <kenh> #522 - Text for key to use in encKey case
[15:16:51] <kenh> #526 - SubjectAltName/OtherName
[15:18:01] <kenh> Brian: Issues believed in limbo
[15:18:17] <kenh> #501 - PA types (awaiting completion of draft)
[15:18:38] <kenh> #509 - DH key derivation (extraneous text to be removed, Sam's comment later retracted?)
[15:19:17] <kenh> #611 - Checksum issues (Ken's draft referenced in pk-init-21, review Ken & Sam's proposed approach).
[15:20:18] <kenh> nico: Do we really need a separate draft to say "SHA-1 is the thing you use?"
[15:20:26] <kenh> jhutz: no, that's not what the draft is for.
[15:22:04] <kenh> nico: I will write text to explain how to indicate that you support kinit.
[15:26:05] <kenh> jhutz: love, #526 was yours.
[15:26:40] <kenh> lha: You can't put restrictions on the SubjectAltName/OtherName values.
[15:26:45] <kenh> (in the X.509 spec)
[15:27:05] --- pbh has left
[15:27:24] <kenh> russ: That's done because we don't know what is coming next.
[15:27:53] <kenh> nico: If a client asserts a cname, then it's up to the KDC
[15:28:34] <kenh> lha: related question: Is it smart to add an ASN.1 encoded struct for the OtherName there?
[15:28:50] <kenh> lha: Is it better to use something else, like a string?
[15:32:45] <kenh> sam: Strongest argument against name constraints: 1) no one would want this, and 2) the KDC is always in the loop and can enforce name constraints.
[15:32:55] <kenh> sam: I'm not sure I find these compelling
[15:33:03] <kenh> russ: I find the KDC being in the loop compelling.
[15:34:11] <kenh> jhutz: Can I have a critical constraint of this type?
[15:36:08] <kenh> russ: I think so, let me check.
[15:36:38] <kenh> russ: Named constraints MUST be critical.
[15:36:43] --- Jeffrey Altman has left: Replaced by new connection
[15:36:44] --- Jeffrey Altman has joined
[15:36:44] --- Jeffrey Altman has left
[15:36:46] <kenh> jhutz: Okay, sounds like this is resolved.
[15:36:55] --- Jeffrey Altman has joined
[15:38:15] <kenh> jhutz: Next issue #611 - Checksum negotiation/issues and the lack thereof in PKINIT
[15:38:50] <kenh> sam: Basic problem - Kerberos checksums aren't intended to be used what we're using them for.
[15:39:14] <kenh> sam: They're intended for Kerberos operations, not intended to be a random oracle for DH operations.
[15:39:32] <kenh> sam: Some people have said kcrypto should deal; I've objected to this.
[15:40:01] <kenh> sam: Anything doing DH already has to do DH group negotiation today.
[15:40:38] <kenh> sam: Ken R went through the work of writing up an unkeyed SHA-1 checksum for kcrypto for PKINIT, but discovered it didn't fit the model.
[15:41:53] <kenh> sam: We could do some things to make it just a raw SHA-1 checksum now, and add a way to do negotiation later.
[15:43:04] <kenh> sam: The hum was in favor of _not_ doing negotiation now (but will have to check on the list with cablelabs)
[15:45:51] <Jeffrey Altman> Larry to present "OCSP for PKINIT"
[15:46:26] <Jeffrey Altman> http://grand.central.org/krb-wg/ietf61/OCSP-for-PKINIT.pdf
[15:47:12] <Jeffrey Altman> Larry: we don't want to download entire CRL files; and would like to cache responses to prevent the need to regenerate responses.
[15:47:50] <Jeffrey Altman> Larry: We also want to be able to detect revocations sooner than the CRLs will be regenerated
[15:48:18] <Jeffrey Altman> Larry: the KDC always has a better connection to the internet than the client. Therefore, we want to leverage it.
[15:48:33] <Jeffrey Altman> The draft is draft-ietf-krb-wg-ocsp-for-pkinit-01.txt
[15:49:47] <Jeffrey Altman> Larry: it was sent to the list but there was no feedback either positive or negative. Please read and post comments both positive or negative. We will Last Call this in the working group soon.
[15:51:07] <Jeffrey Altman> Larry: there are some differences between our model and other OCSP profiles. For example, our draft does not require the use of an OCSP responder if it is available.
[15:53:15] <hartmans> I was confused about what the references were too
[15:53:17] <Jeffrey Altman> Ryan Hurst (Microsoft): why don't you want an informational reference in the document? Answer: timing. The How to use OCSP document is an individual draft and must not hold up publication of PKINIT
[15:53:34] <BrianTung> Incidentally, the pk-init-21 power point is at http://grand.central.org/krb-wg/ietf61/pk-init-21.pdf
[15:53:56] <BrianTung> http://grand.central.org/krb-wg/ietf61/pk-init-21.ppt for the power point source.
[15:54:18] <kenh> sam: preauth framework
[15:54:28] <kenh> sam: I think I'm at the point where I need a co-editor.
[15:54:31] <Jeffrey Altman> [no slides]
[15:54:50] <kenh> sam: I think the document is complete in terms of signatures of preauth data.
[15:55:28] <kenh> sam: Everything else .. there is text that is done, but we need someone to pull the combine key function out of SAM draft.
[15:55:35] <kenh> sam: Could use some artwork for the state machine.
[15:55:42] <kenh> sam: And could use some examples.
[15:55:57] <kenh> sam: Last draft I introduced the concept of an authentication session.
[15:56:34] <kenh> The KDC doesn't keep state, so the client needs to remind the KDC where it is at every step along the way.
[15:57:28] <kenh> It was easy to fall off of a cliff because you could violate the security requirements of a preauth framework you didn't know you needed to use.
[15:57:42] <kenh> Thus, I introduced the concept of an authentication set.
[15:58:04] <kenh> e.g., PKINIT _or_ anonymous DH + encrypted timestamp
[15:58:54] <kenh> jeff altman: What about SRP?
[15:59:26] <kenh> sam: that's _interesting_ .... there are IPR issues with SRP, but those are not necessarily show stoppers.
[15:59:58] <kenh> sam: I originally targeted this at the clarifications universe, but I don't think it's useful ... probably only useful in an extensions universe.
[16:02:06] <kenh> sam: Do we expect that there will be enough clarifications preauth mechanisms that we need this framework? Since I think there is only SAM, which doesn't currently use this framework.
[16:02:29] <kenh> nico: I think that we should definitely only target extensions.
[16:04:18] <Jeffrey Altman> an outstanding issue. Sam needs a co-editor. let's take document and co-editor to the list
[16:04:20] --- paul.knight has joined
[16:04:28] <Jeffrey Altman> Larry will present referrals
[16:04:33] <Jeffrey Altman> http://grand.central.org/krb-wg/ietf61/KDC-Referrals.pdf
[16:05:21] <Jeffrey Altman> draft-ietf-krb-wg-kerberos-referrals-05
[16:05:45] <Jeffrey Altman> Larry: another update today but we need to get this document to last call
[16:06:31] <Jeffrey Altman> Larry: a hallway meeting in San Diego came up with a method for preventing a cut/paste attack
[16:06:59] <Jeffrey Altman> Larry: Changes since 04 draft.
[16:07:16] <Jeffrey Altman> L: allows server referrals in AS message exchange
[16:07:37] <Jeffrey Altman> L: instead of using the reply key to contain the referral info we will use the reply-ticket session key
[16:08:15] <Jeffrey Altman> L: cross realm authentication can be viewed as a special case of server referrals
[16:08:20] --- paul.knight has left
[16:08:34] <Jeffrey Altman> L: server referrals and routing referrals are therefore combined
[16:09:07] <Jeffrey Altman> L: we need more feedback on this draft. everyone is busy but we need review.
[16:09:40] <Jeffrey Altman> L: the mechanism is straightforward, if we can review soon then we can go to Last Call.
[16:10:09] --- tanupoo has joined
[16:10:29] <Jeffrey Altman> L: there are no known outstanding issues, therefore there are no tickets in the tracker
[16:12:34] <Jeffrey Altman> Sam: the reviewers are focused on SPNEGO and PKINIT. Those are the blocking items
[16:13:38] <kenh> Nico: set-change-password
[16:13:58] <kenh> nico: Nothing to report - big issue that came up last time (Larry had issue with localization)
[16:15:41] <kenh> Larry: we would like to propose a change, but we might need to go to legal.
[16:16:17] <kenh> nico: Any review would be nice.
[16:16:52] <Jeffrey Altman> Milestones!!!!!!! We need milestones!!!!!!
[16:17:50] <Jeffrey Altman> we need to get feedback on the information model
[16:18:09] --- larry has left
[16:18:29] <kenh> nico: One thing people want from set-change-password is an interoperable ktadd.
[16:19:14] <kenh> jhutz: reviewing milestones ...
[16:19:27] <Jeffrey Altman> tom thinks the current document is complete enough to be submitted as a working group draft.
[16:19:37] <Jeffrey Altman> first draft of extensions will be met at that time
[16:20:50] --- warlord has left: Logged out
[16:20:51] --- warlord has joined
[16:20:51] --- warlord has left: Logged out
[16:20:56] --- warlord has joined
[16:20:56] --- Rui Paulo has joined
[16:21:38] <Jeffrey Altman> Sam: who will take responsibility for the PKINIT SHA1 Checksum text? No text to be written. Ken posted changes (mostly deletions) to the mailing list.
[16:22:54] <Jeffrey Altman> When should we last call PKINIT? how many weeks?
[16:24:53] <Jeffrey Altman> Last call for Monday Nov 29th for PKINIT
[16:25:11] <Jeffrey Altman> What is the next milestone for Extensions?
[16:25:12] --- hartmans has left
[16:26:50] <Jeffrey Altman> March IETF - Reach consensus on major issues June IETF - Last Call
[16:27:10] <Jeffrey Altman> what is the next milestone for OCSP?
[16:27:44] --- raeburn has left: Disconnected
[16:27:51] --- raeburn has joined
[16:28:13] <Jeffrey Altman> Publish OCSP with informative reference next and we will Last Call when it appears
[16:28:24] <Jeffrey Altman> Next milestone for Set/Change Password?
[16:28:32] --- tlyu has left
[16:29:28] <Jeffrey Altman> Consensus on direction by Feb 05; and Last Call Sept 05
[16:29:51] <Jeffrey Altman> please open a ticket for Larry's localization issue by end of November
[16:30:37] <Jeffrey Altman> No milestones for Pre-auth framework
[16:31:00] <Jeffrey Altman> Referrals milestones? Last Call Feb 05
[16:31:05] --- warlord has left: Replaced by new connection
[16:31:29] <Jeffrey Altman> nope, make it June 05 due to lack of reviewers
[16:32:09] <Jeffrey Altman> removing milestone for PKCROSS
[16:32:16] <Jeffrey Altman> Charter Review Sept 05
[16:32:44] <Jeffrey Altman> Action Items for Pre-auth: find co-editor and implementor
[16:33:11] --- amelnikov has left
[16:33:36] --- BrianTung has left
[16:33:57] --- kenh has left: Disconnected
[16:34:12] <Jeffrey Altman> meeting over
[16:34:15] --- Jeffrey Altman has left: Disconnected
[16:34:18] --- kazunori has left
[16:34:20] --- jas has left
[16:34:57] --- DougEngert has left
[16:35:04] --- tanupoo has left
[16:35:21] --- tanupoo has joined
[16:35:33] --- Rui Paulo has left
[16:35:45] --- tanupoo has left
[16:36:27] --- raeburn has left
[16:38:50] --- rlbob has left
[16:38:52] <jhutz> Thanks to the scribes.
[16:38:58] --- jhutz has left
[16:40:47] --- lha has left
[16:45:50] --- ludomp has left
[16:58:01] --- dumdidum has left: Disconnected
[18:04:31] --- dumdidum has joined
[18:12:41] --- dumdidum has left
[18:32:26] --- Jeffrey Altman has joined
[18:32:40] --- Jeffrey Altman has left
[21:37:41] --- larry has joined
[21:41:27] --- larry has left