[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Q: Conflict between TSIG RFC and GSS-API documents
As the implementor that found the problem that placed the lock
on the GSS-API document, I belive that the lock should be removed
once the TSIG RFC has the appropriate modifications made to allow
the GSS-TSIG draft to advance. I don't think we should advance a
Draft that is not in compliance with the RFC it is ment to enhance.
-Kevin
Your message dated: Fri, 31 Jan 2003 14:36:24 EST
> From the minutes in ATLANTA:
>
>
>>GSSAPI and TSIG conflict:
>> DNSEXT wg generated TSIG RFC
>> DNSEXT wg processed gssapi TSIG
>> just before rfc editor started 48hour period we got a report
>> that there was a conflict between two the documents.
>> TSIG specifies that TSIG can only be used if original query
>> contains TSIG
>> GSSAPI specifies that last message in TKEY exchange has TSIG
>> last message is empty, and this proves the key negotiated is
>> working from security point of view this is a good thing
>>
>> TSIG needs minor updates before advancing to draft standard:
>> is this extensions one of them?
>>
>>The sense of the room was that this was a reasonable extensions and the
>>chair is instructed to take this question to the mailing list.
>
>Does the mailing list agree with this assessment and give
>its consensus that the lock on the GSS-API document be lifted ?
>
>Silence will be taken as agreement.
>
>Please post objections before Feb 12'th.
>
>thanks
> Olafur
>
>
>
>
>--
>to unsubscribe send a message to namedroppers-request@ops.ietf.org with
>the word 'unsubscribe' in a single line as the message text body.
>archive: <http://ops.ietf.org/lists/namedroppers/>
>
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>