[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Minutes for Telecon, Tuesday 8 June 2004
John, Thanks, yes of course I will be keen to review/help. Tim. -----Original Message----- From: John Kemp [mailto:firstname.lastname@example.org] Sent: 09 June 2004 06:00 To: Tim Alsop; email@example.com; firstname.lastname@example.org; email@example.com Subject: RE: [security-services] Minutes for Telecon, Tuesday 8 June 2004 Tim, I believe the AI is actually for me to massage the text proposal you put on the list and put it into the appropriate place in the authentication context document - your review is, of course, welcomed. - JohnK ))) Message sent using Nokia Access Mobilizer -- www.nokia.com/accessmobilizer ((( --- Original Message --- From: ext Tim Alsop <Tim.Alsop@CyberSafe.Ltd.UK> To: "oasis sstc (E-mail)" <firstname.lastname@example.org>, Steve Anderson <email@example.com> Date: Tue Jun 08 13:41:58 CDT 2004 Subject: RE: [security-services] Minutes for Telecon, Tuesday 8 June 2004 All, Reference my name, and a possible AI assignment in the agenda : ----- E) Kerberos profile: Prateek: Did the mailing list discussion end with a conclusion? Scott: It seems that there is nothing in the Kerb protocol that can carry the kerb preauth data, so in general there is no way to derive sophisticated authentication contexts just from a service ticket. Either authn context document (or perhaps the kerb profile doc) should discuss how preauth could be reflected in the authn context Unknown: the authn context document should specify that the relevant data should be obtained securely. John K: Rough proposal contained in the last message on the thread (message June 2004 #43) Scott: suggests just taking the first part of the proposed text; tone down the part that proposes changes to the KDC Missed: is John K going to update authn context, or did we nominate Tim in absentia? Tim> I am quite happy to take on this AI, but I need somebody to first explain what they expect me to do, and what I am agreeing to ? I am also sorry I was not able to take part in second half of con call today so I missed this discussion. Thanks, Tim. To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/l eave_workgroup.php.