Re: Fwd: Security Assessment of the Transmission Control Protocol (TCP)

2009-02-14 Keith Moore
Joel Jaeggli wrote: Keith Moore wrote: Marshall Eubanks wrote: If I am reading this correctly the UK Centre for the Protection of National Infrastructure wants the IETF (or some other body) to produce a companion document to the IETF specifications that discusses the security aspects and

Re: Security Assessment of the Transmission Control Protocol (TCP)

2009-02-14 Lars Eggert
Hi, On 2009-2-14, at 0:25, Marshall Eubanks wrote: If I am reading this correctly the UK Centre for the Protection of National Infrastructure wants the IETF (or some other body) to produce a companion document to the IETF specifications that discusses the security aspects and implications of

Re: Fwd: Security Assessment of the Transmission Control Protocol (TCP)

2009-02-14 Jari Arkko
Keith, Joel, It's difficult to imagine that these things could be adequately captured in a static document, for TCP or any other protocol, because new threats and countermeasures continue to be identified decades after the base protocol is well-settled. Maybe something like an expanded version

Re: Fwd: Security Assessment of the Transmission Control Protocol (TCP)

2009-02-14 TSG
Joel Jaeggli wrote: Keith Moore wrote: Marshall Eubanks wrote: If I am reading this correctly the UK Centre for the Protection of National Infrastructure wants the IETF (or some other body) to produce a companion document to the IETF specifications that discusses the security aspects

IPR advice to avoid ignorant flame wars about patents

2009-02-14 Lawrence Rosen
Thomas Narten wrote: IPR consultation is all about risk analysis. And risk to the IETF vs. risk to me personally vs. risk to my employer vs. risk to somebody else's employer, etc. All are VERY different things. I mean this in a polite way, but bull! IPR consultation is mostly about the

Re: IETF and open source license compatibility

2009-02-14 Brian E Carpenter
On 2009-02-15 03:44, Theodore Tso wrote: On Sat, Feb 14, 2009 at 09:12:16AM +1300, Brian E Carpenter wrote: Or afterwards, since the license a contributor grants to the IETF Trust is non-exclusive. So contributing these words to the IETF does not affect in any way my ability to do as I wish

RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

2009-02-14 Hannes Tschofenig
Hi Sam, I am aware of some of the authorization mechanisms used in Kerberos (e.g., those introduced by Microsoft). The issue here is a bit different, particularly on the Internet (in comparison to the pure enterprise space). We see a good deal of SSO solutions being deployed. To provide

RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

2009-02-14 Hannes Tschofenig
Hi Josh, Hi Hans, Hannes wrote: Melinda wrote: and that there are some non-trivial advantages to carrying authorizations in-band. Namely... I don't wish to speak for Melinda, but this is a view shared by many within my own community. I have a long list of applications,

RE: [TLS] TLS WG Chair Comments on draft-ietf-tls-authz-07

2009-02-14 Josh Howlett
Hi Hannes, My fear about SAML in TLS was a history like the following one: * Hmmm. SAML becomes popular. We should put it in every protocol. * There isn't an extension for TLS defined yet. Let's do it. * Now, let's search for the problems it could solve. If the argument that you're

Re: [Fwd: Re: Changes needed to Last Call boilerplate]

2009-02-14 John Levine
Despite the currently excessive number of comments, I think we should invite more comments and make it easier, not harder, to send them. Even if traffic on the list is now too high and information content per message is low, in general our average number of comments in the IETF Last Call stage is