#27: Setion 3.1

Changes (by hannes.tschofenig@…):

 * cc: hannes.tschofenig@… (added)


Comment:

 I changed the title of the section but I am currently not able to address
 your second comment regarding the correctness and completely of bullet 1
 and 2 of the following text:
 "
    RFC 2743 does not explicitly talk about what mutual authentication
    means.  Within the GSS-API community successful mutual authentication
    has come to mean:

    o  If a target name is supplied by the initiator, then the initiator
       trusts that the supplied target name describes the acceptor.  This
       implies both that appropriate cryptographic exchanges took place
       for the initiator to make such a trust decision, and that after
       evaluating the results of these exchanges, the initiator's policy
       trusts that the target name is accurate.

    o  The initiator trusts that its idea of the acceptor name correctly
       names the entity it is communicating with.

    o  Both the initiator and acceptor have the same key material for
       per-message keys and both parties have confirmed they actually
       have the key material.  In EAP terms, there is a protected
       indication of success.
 "
 A problem with the text above is that it uses the fuzzy term "trust". I
 would at least expect to have an indication "<who> trusts <whom> to do
 <what>".

 I prefer to have the issue assigned to someone who is very familiar with
 the GSS-API and to re-work the text.

-- 
--------------------+--------------------------------------
 Reporter:  ietf@…  |       Owner:  draft-ietf-abfab-arch@…
     Type:  defect  |      Status:  new
 Priority:  major   |   Milestone:
Component:  arch    |     Version:
 Severity:  -       |  Resolution:
 Keywords:          |
--------------------+--------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/abfab/trac/ticket/27#comment:1>
abfab <http://tools.ietf.org/abfab/>

_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab

Reply via email to