[01:49:44] --- hartmans has joined
[01:53:25] --- ludomp has joined
[01:54:21] --- rlbob has joined
[01:54:32] <rlbob> i'll be scribing
[01:54:39] <rlbob> session is now underway
[01:55:16] <rlbob> sh: 2222bis is main item, also stringprep
[01:55:20] --- randy_g has joined
[01:55:47] <rlbob> sh: all other documents have had revisions, but 2222bis is primary focus
[01:55:48] --- agaton has joined
[01:56:49] --- lha has joined
[01:57:03] <rlbob> sh: specific individuals are being asked to review 2222bis
[01:57:20] <hartmans> To clarify, there was some discussion on the list of saslprep, but I don't think any changes were needed
[01:57:35] <rlbob> kz: need positive feedback that reviewers are happy with the doc
[01:57:53] <rlbob> alexey now speaking about 2222bis issues
[01:58:42] <rlbob> am: suggested to use RFC 2828 for terminology, concern about possible conflicts
[01:59:10] <rlbob> kz: say "these terms are used as defined in 2828"
[01:59:43] <rlbob> am: need more generic description, not just list of documents to read
[02:00:24] <rlbob> am: thread on list about application of saslprep to authzid
[02:01:07] <rlbob> am: proposed text on list, didn't use "normalization" right, will give new text, will reflect agreement achieved on list
[02:01:53] <rlbob> am: big thread about what happens to layer on renegotiation if no new layer is requested [or something like that]
[02:02:26] --- tonyhansen has joined
[02:02:50] <rlbob> sh: appears to be another example of chosen-ciphertext attack, already had discussion for digest-md5
[02:03:18] <rlbob> sh: will propose text for document ...
[02:06:02] --- kenh has joined
[02:06:44] <rlbob> bob: explains his note re importance of clarifying authz id
[02:07:08] <hartmans> And dropping the concept of authentication ID
[02:08:56] <rlbob> someone: need to make distinction between them clear, easier if both are described and explained
[02:09:44] <tonyhansen> (someone => Tony Hansen)
[02:10:30] <rlbob> straw poll: most people want to keep authn identity in the doc
[02:10:56] <rlbob> kz: discussion can continue, chairs will summarize next week
[02:13:40] <hartmans> Bob Morgan: Concern about 2119 language applied to future specifications not to implementations
[02:14:04] <hartmans> kz: Important that it be clear what the keywords refer to.
[02:14:06] <rlbob> bob: concern that 2119 MUST etc don't necessarily apply to constraints on authors, but don't have new language to offer
[02:14:35] <rlbob> kz: maybe problem is mixing different uses in the same doc, maybe can clarify per section
[02:14:35] <hartmans> kz: Separate things so that requirements on specs are in different places than requirements on implementations
[02:14:58] <hartmans> goal is that clear when reading the document.
[02:16:51] <hartmans> kz: We still have more work to do on separation of requirements. Then need to take a look and see if we will be confused.
[02:17:55] <hartmans> am: Digest-md5
[02:17:58] <rlbob> am: moving on to digest-md5
[02:18:22] <hartmans> am: Tried to clarify reauthentication, ABNF cleanup.
[02:19:01] <rlbob> attempt to clarify saslprep issues, not finished yet
[02:19:29] <rlbob> also attempt to clarify charset effects on realm, etc
[02:21:14] <rlbob> cipher mode clarifications ...
[02:21:16] <hartmans> am: Drop DES and 3DES per consensus.
[02:21:29] <rlbob> reorganized confidentiality protection section
[02:21:46] <rlbob> need lots of input on saslprep issues
[02:22:08] <rlbob> also "what a realm should look like" question
[02:22:35] <rlbob> still-open question: need separate stringprep for realm?
[02:22:53] <rlbob> kz: good reason not to use saslprep?
[02:23:00] --- tomphelan has joined
[02:23:23] <rlbob> am: argument to be made that realms should be same across digest, kerb, gss
[02:24:00] <rlbob> sh: gss has no realms, kerb realms are very complicated, so may not be able to be the same
[02:25:02] <rlbob> am: there is revision of http digest document, saying all username/passwords are UTF-8
[02:26:14] <rlbob> am: big hack in current http digest (?) to use iso-8859-1 if possible, they're hoping to get rid of that ...
[02:27:10] <hartmans> No, the hack is in digest-md5 and was being considered for http-digest as I understand it.
[02:28:32] <rlbob> sh: let's take this issue to the list
[02:29:43] <rlbob> am: CBC attack
[02:30:50] <rlbob> am: two choices, explicit IV and ... sh will send comment to the list
[02:31:15] <hartmans> second choice is a block type for explicit IV.
[02:31:32] <rlbob> am: document not ready for last call very soon
[02:32:14] --- tomphelan has left
[02:32:56] <rlbob> am: also working on GSS document, posted in December
[02:33:19] <rlbob> am: example code removed, maybe should be added back
[02:35:52] <rlbob> am: should be able to get next rev of 2222bis shortly ...
[02:37:41] <rlbob> kz: looks like last on 2222bis may be in April, or even a little later
[02:38:51] <rlbob> sh: AD OK with May 04 for submission of 2222bis to IESG?
[02:38:56] <rlbob> rh: OK
[02:39:53] <rlbob> sh: reason gss doc looks simple is that gss community hasn't focused on it yet
[02:42:40] <rlbob> kz: chairs will post proposed new milestones to list by end of week
[02:43:29] <rlbob> am: working on C api
[02:43:59] <rlbob> am: also requested IETF last call on sasl-for-http document
[02:44:47] <rlbob> jh: has this been posted to sasl list?
[02:44:51] <rlbob> am: yes
[02:45:11] <rlbob> am: sasl without persistent connection is "interesting"
[02:46:11] --- kenh has left: Disconnected
[02:46:25] <rlbob> bob: intend to submit doc on SAML as SASL mechanism
[02:46:29] --- randy_g has left: Disconnected
[02:46:29] --- rlbob has left
[02:46:36] --- agaton has left
[02:46:43] --- tonyhansen has left
[02:46:55] --- ludomp has left
[02:47:36] --- lha has left: Logged out
[02:50:24] --- hartmans has left
