[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Progress on RADIUS Extension for Digest Authentication
Glen and all,
I agree, if the keywrap doc is ready we should ask for it to be: a) a
working group item; and b) put it in to working last call ASAP.
As for its use for sterman draft, ideally we should use keywrap for this
document. I am all for that with the caveat that we should not delay
sterman. I don't want to see sterman delayed. Especially since
Message-Authenticator is not busted.
Also, if Message-Authenticator is busted or close to being busted it is
busted for EAP as well as Sterman. So Key Wrap document can basically
indicated that Message-Authenticator should be deprecated and replaced with
Key-Wrap. What is wrong with this strartegy?
> -----Original Message-----
> From: Glen Zorn (gwz) [mailto:email@example.com]
> Sent: Friday, November 19, 2004 4:07 PM
> To: 'Nelson, David'; 'Avi Lior'; 'Bernard Aboba'
> Cc: firstname.lastname@example.org; 'AC Mahendran'
> Subject: RE: Progress on RADIUS Extension for Digest Authentication
> Nelson, David <> wrote:
> >> Okay. So lets get this draft into last call right away.
> > Which draft? The keywrap draft? We haven't reached consensus
> > it should be a WG work item yet,
> Has anybody called for consensus from the WG? It's
> incredibly difficult to reach something without moving your hand...
> > although Bernard has suggested that
> > it should be, and it seems to address a valid issue (NIST/FIPS
> > approved algorithms).
> > Perhaps we ought to follow your earlier suggestion and use the
> > existing Message-Authenticator Attribute in the Digest
> > draft (as it is a short-term dependency for 3GPP2). We
> could then let
> > the keywrap draft take its course, hopefully eliciting more
> review and
> > comment on the list than heretofore.
> I like this plan! Let's 1) rubberstamp a flawed document, insuring
> 2) either massive upgrades or (more likely) non-action later because
> 3) we can't make a decision on anything of substance in less
> than 2 years.
> > -- Dave
> Hope this helps,
> Why is it that most of the world's problems can't be solved by simply
> listening to John Coltrane? -- Henry Gabriel
to unsubscribe send a message to email@example.com with
the word 'unsubscribe' in a single line as the message text body.