Hi. When I first heard about this idea I mentioned that we had been working with the idea of using Kerberos to handle rapid re-authentication. The idea is that an acceptor can provide a Kerberos ticket to a RFC 7055 implementation that can be returned for fast re-authentication.
My feeling at the time is that is a better approach than ERP for ABFAB. I never really saw a response to that comment. As an experiment, it's fine to go off and explore whatever approach you like. However, at the point when you start proposing this work in the IETF, I think we should explore other plausible alternatives. As such I think we should have a discussion of ERP vs RFC 4121. --Sam _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
