Alexey Melnikov <alexey(_dot_)melnikov(_at_)isode(_dot_)com> writes:
The IESG wrote:
The IESG has received a request from the Simple Authentication and
Security Layer WG (sasl) to consider the following document:
- 'Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family '
<draft-ietf-sasl-gs2-17.txt> as a Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2009-11-18. Exceptionally, comments
may be sent to iesg(_at_)ietf(_dot_)org instead. In either case, please
retain
the beginning of the Subject line to allow automated sorting.
I would like to suggest a clarification to the IANA registration for
GS2-* family of SASL mechanisms:
In Section 15, 3rd paragraph:
OLD:
The IANA is advised that SASL mechanism names starting with "GS2-"
are reserved for SASL mechanisms which conform to this document. The
IANA is directed to place a statement to that effect in the sasl-
mechanisms registry.
NEW:
The IANA is advised that SASL mechanism names starting with "GS2-"
are reserved for SASL mechanisms which conform to this document. The
IANA is directed to place a statement to that effect in the sasl-
mechanisms registry. With the exception of "GS2-KRB5" and
"GS2-KRB5-PLUS"
(registered later in this section), all other mechanism names in this
family are constructed as
defined in section 3.1.
Opinions?
This forces future GSS-API mechanisms that provide a SASL mechanism name
to use a SASL name outside of the GS2-* prefix. Was that your
intention?
I thought it would be nice to allow a future GSS-API mechanism, called
say FOOBAR, to be able to register the SASL mechanism name GS2-FOOBAR.
But having them register FOOBAR instead is of course fine too.
I'm fine with adding the text if this situation was what you intended.
/Simon
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf