Subject: RE: [security-services] Minutes for Telecon, Tuesday 8 June 2004
All, Reference my name, and a possible AI assignment in the agenda : ----- E) Kerberos profile: Prateek: Did the mailing list discussion end with a conclusion? Scott: It seems that there is nothing in the Kerb protocol that can carry the kerb preauth data, so in general there is no way to derive sophisticated authentication contexts just from a service ticket. Either authn context document (or perhaps the kerb profile doc) should discuss how preauth could be reflected in the authn context Unknown: the authn context document should specify that the relevant data should be obtained securely. John K: Rough proposal contained in the last message on the thread (message June 2004 #43) Scott: suggests just taking the first part of the proposed text; tone down the part that proposes changes to the KDC Missed: is John K going to update authn context, or did we nominate Tim in absentia? Tim> I am quite happy to take on this AI, but I need somebody to first explain what they expect me to do, and what I am agreeing to ? I am also sorry I was not able to take part in second half of con call today so I missed this discussion. Thanks, Tim.