I think I agree with Martin here. Channel bindings in GSSAPI V2 have not proven to be a feature that is as portable or robust as the rest of the spec.
I think they are a strong candidate for dropping in advancing GSSAPI V2 to draft. OF course you cannot just drop them because doing so would be backward incompatible. I'm not quite sure how you indicate this, but Martin's suggested approach seems like a fine idea to run past the IESG. But my personal preference is to enhance channel bindings for cryptographic keys until they can (and are) portably used in GSSAPI V3 --Sam -++**==--++**==--++**==--++**==--++**==--++**==--++**== This message was posted through the Stanford campus mailing list server. If you wish to unsubscribe from this mailing list, send the message body of "unsubscribe ietf-cat-wg" to [EMAIL PROTECTED]
