OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] RE: AuthenticationMethod / NameIdentifierand Kerberos authentication

So, given the state of the Krb specification, I guess its also the case 
that there is no currently defined list of the actual pre-auth methods, 
even though it is planned that there will be one (some day) listed by IANA?

- JohnK

ext Tim Alsop wrote:

>This sounds ok to me. I think it would make good sense to mention
>clarifications as 'work in progress' using the approach you indicated.
>It is however important to mention it in some way because many people
>make the mistake of looking at rfc1510 to find out about Kerberos and
>don't realise this isn't the latest definition of the protocol.
>Cheers, Tim.
>-----Original Message-----
>From: Linn, John [mailto:jlinn@rsasecurity.com] 
>Sent: 04 June 2004 13:49
>To: Tim Alsop; John Kemp
>Cc: p.madsen@entrust.com; security-services@lists.oasis-open.org
>Subject: RE: [security-services] RE: AuthenticationMethod /
>NameIdentifier and Kerberos authentication
>Tim wrote, excerpting: 
>>The Kerberos protocol is (as you know) defined in IETF RFC1510, however
>>(you probably didn't know) it is now defined in a IETF draft called
>>Kerberos clarifications which obsoletes RFC1510 (see
>>tions-05.txt). Our documentation needs to reference this correctly.
>Per the last sentence, this is true but can sometimes be a tricky thing
>accomplish. As the general discussion of Internet-Drafts as a document
>(http://www.ietf.org/ID.html) states, "Internet-Drafts are not an
>document series. These documents should not be cited or quoted in any
>document. Unrevised documents placed in the Internet-Drafts directories
>a maximum life of six months. After that time, they must be updated, or
>will be deleted."  
>IETF discussion of revisions and successor drafts to RFC-1510 has been
>ongoing at least since 1997; while the current clarifications-05 draft
>been forwarded to the IESG as a candidate for advancement to RFC, I
>yet seen any IESG advancement action reported on it.  As such, it's
>possible that further changes will take place before publication of any
>subsequent RFC.  One common way to handle this in bibliographies is to
>something like "<title of document>, work in progress, IETF <nnn>
>group, date.", but (by intent) there's no archival reference that can be
>assumed stable until RFC publication takes place.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]