Bill Sommerfeld writes:
> I still don't like the counterproposal. It's still built around a
> really horrible idea (potentially using one secret with more than one
> protocol/algorithm) which I don't want to see copied by other projects.
> And I don't really think it's either more or less usable than my
> suggested change.
Agreed.
> So I'm torn.
I'd support either a spec change or a derail-and-TCR that said:
"The project team must support either only the newest
authentication method (with a single password), or all methods
but with independent passwords for each."
That allows the project team to choose to have a single password if
they really want (at the expense of dropping support for the broken
old protocol) or multiple passwords to support any or all of them.
And it gets the ARC out of the business of trying to figure out which
authentication protocols are necessary for which market.
--
James Carlson, Solaris Networking <james.d.carlson at sun.com>
Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
