Hi Alex, Thanks for the update.
> Changes include: > > >* Added motivation section indicating why this is required. This is a definitely a good addition; however, I don't believe that it is complete. Ideally I think it needs to consider the questions that I raised previously in the context of the previous discussion that Sam initiated about generic gss pre-auth versus gss-eap pre-auth: > What are the practical benefits of a generic gss pre-auth mechanism when > Kerberos pre-auth itself provides an extensible framework? I can see that > there is value in the re-using deployed gss mechanisms if this avoids > having to create functionally-equivalent but redundant pre-auth >mechanisms > in the case where an equivalent gss mechanism already exists, but are > there really so many of these that this is a compelling argument? It > sounds as though there is potentially a trade-off that we could make > between complexity and generality. FWIW I haven't developed an opinion on these yet, but I would be interested to hear if you have any... Josh. JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
