OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] RE: AuthenticationMethod / NameIdentifier and Kerberos authentication

This sounds ok to me. I think it would make good sense to mention
clarifications as 'work in progress' using the approach you indicated.
It is however important to mention it in some way because many people
make the mistake of looking at rfc1510 to find out about Kerberos and
don't realise this isn't the latest definition of the protocol.

Cheers, Tim.

-----Original Message-----
From: Linn, John [mailto:jlinn@rsasecurity.com] 
Sent: 04 June 2004 13:49
To: Tim Alsop; John Kemp
Cc: p.madsen@entrust.com; security-services@lists.oasis-open.org
Subject: RE: [security-services] RE: AuthenticationMethod /
NameIdentifier and Kerberos authentication

Tim wrote, excerpting: 

>The Kerberos protocol is (as you know) defined in IETF RFC1510, however
>(you probably didn't know) it is now defined in a IETF draft called
>Kerberos clarifications which obsoletes RFC1510 (see
>http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-clarific
a
>tions-05.txt). Our documentation needs to reference this correctly.

Per the last sentence, this is true but can sometimes be a tricky thing
to
accomplish. As the general discussion of Internet-Drafts as a document
type
(http://www.ietf.org/ID.html) states, "Internet-Drafts are not an
archival
document series. These documents should not be cited or quoted in any
formal
document. Unrevised documents placed in the Internet-Drafts directories
have
a maximum life of six months. After that time, they must be updated, or
they
will be deleted."  

IETF discussion of revisions and successor drafts to RFC-1510 has been
ongoing at least since 1997; while the current clarifications-05 draft
has
been forwarded to the IESG as a candidate for advancement to RFC, I
haven't
yet seen any IESG advancement action reported on it.  As such, it's
still
possible that further changes will take place before publication of any
subsequent RFC.  One common way to handle this in bibliographies is to
cite
something like "<title of document>, work in progress, IETF <nnn>
working
group, date.", but (by intent) there's no archival reference that can be
assumed stable until RFC publication takes place.

--jl

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]