ietf
[Top] [All Lists]

Re: Gen-art LC review: draft-ietf-kitten-rfc6112bis-02

2016-10-24 20:52:07
On Mon, 24 Oct 2016, Shawn M Emery wrote:


Agreed, however I noticed another area that could use better 2119 language in
regards to this.  Here are the proposed updates:

OLD:
Care MUST be taken by the KDC not to reveal the client's identity in the
authorization data of the returned ticket when populating the authorization
data in a returned anonymous ticket.
NEW:
The KDC MUST NOT reveal the client's identity in the authorization data of the
returned ticket when populating the authorization data in a returned anonymous
ticket.

OLD:
Care MUST be taken by the TGS not to reveal the client's identity in the
authorization data of the returned ticket.
NEW:
The TGS MUST NOT reveal the client's identity in the authorization data of the
returned ticket.

Those do look like parallel constructions that should get the same
treatment.  Thanks for spotting it.

-Ben

<Prev in Thread] Current Thread [Next in Thread>