Subject: RE: [security-services] Minutes for Telecon, Tuesday 8 June 2004
Tim, I believe the AI is actually for me to massage the text proposal you put on the list and put it into the appropriate place in the authentication context document - your review is, of course, welcomed. - JohnK ))) Message sent using Nokia Access Mobilizer -- www.nokia.com/accessmobilizer ((( --- Original Message --- From: ext Tim Alsop <Tim.Alsop@CyberSafe.Ltd.UK> To: "oasis sstc (E-mail)" <email@example.com>, Steve Anderson <firstname.lastname@example.org> Date: Tue Jun 08 13:41:58 CDT 2004 Subject: RE: [security-services] Minutes for Telecon, Tuesday 8 June 2004 All, Reference my name, and a possible AI assignment in the agenda : ----- E) Kerberos profile: Prateek: Did the mailing list discussion end with a conclusion? Scott: It seems that there is nothing in the Kerb protocol that can carry the kerb preauth data, so in general there is no way to derive sophisticated authentication contexts just from a service ticket. Either authn context document (or perhaps the kerb profile doc) should discuss how preauth could be reflected in the authn context Unknown: the authn context document should specify that the relevant data should be obtained securely. John K: Rough proposal contained in the last message on the thread (message June 2004 #43) Scott: suggests just taking the first part of the proposed text; tone down the part that proposes changes to the KDC Missed: is John K going to update authn context, or did we nominate Tim in absentia? Tim> I am quite happy to take on this AI, but I need somebody to first explain what they expect me to do, and what I am agreeing to ? I am also sorry I was not able to take part in second half of con call today so I missed this discussion. Thanks, Tim. To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.