OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] RE: AuthenticationMethod / NameIdentifier and Kerberos authentication

Tim wrote, excerpting: 

>The Kerberos protocol is (as you know) defined in IETF RFC1510, however
>(you probably didn't know) it is now defined in a IETF draft called
>Kerberos clarifications which obsoletes RFC1510 (see
>tions-05.txt). Our documentation needs to reference this correctly.

Per the last sentence, this is true but can sometimes be a tricky thing to
accomplish. As the general discussion of Internet-Drafts as a document type
(http://www.ietf.org/ID.html) states, "Internet-Drafts are not an archival
document series. These documents should not be cited or quoted in any formal
document. Unrevised documents placed in the Internet-Drafts directories have
a maximum life of six months. After that time, they must be updated, or they
will be deleted."  

IETF discussion of revisions and successor drafts to RFC-1510 has been
ongoing at least since 1997; while the current clarifications-05 draft has
been forwarded to the IESG as a candidate for advancement to RFC, I haven't
yet seen any IESG advancement action reported on it.  As such, it's still
possible that further changes will take place before publication of any
subsequent RFC.  One common way to handle this in bibliographies is to cite
something like "<title of document>, work in progress, IETF <nnn> working
group, date.", but (by intent) there's no archival reference that can be
assumed stable until RFC publication takes place.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]