Structure of the Generic Security Service (GSS) Negotiation Loop
draft-ietf-kitten-gss-loop-05
Yes
(Stephen Farrell)
No Objection
(Adrian Farrel)
(Alia Atlas)
(Barry Leiba)
(Benoît Claise)
(Jari Arkko)
(Joel Jaeggli)
(Martin Stiemerling)
(Spencer Dawkins)
Note: This ballot was opened for revision 04 and is now closed.
Stephen Farrell Former IESG member
Yes
Yes
(for -04)
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
(for -04)
Unknown
Alia Atlas Former IESG member
No Objection
No Objection
(for -04)
Unknown
Barry Leiba Former IESG member
No Objection
No Objection
(for -04)
Unknown
Benoît Claise Former IESG member
No Objection
No Objection
(for -04)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -04)
Unknown
Joel Jaeggli Former IESG member
No Objection
No Objection
(for -04)
Unknown
Kathleen Moriarty Former IESG member
No Objection
No Objection
(2015-02-17 for -04)
Unknown
Thanks for your work on this draft. I can see that this is just grouping text from previous RFCs to put it all in one place so the security practices in play may have been fine at time. Was there any discussion about fixing the following from the Security Considerations section, so at least an error could be triggered? This seems like a bigger issue with the GSS-API than one specific to this draft, so this is just a question to understand where this is at. The GSS-API uses a request-and-check model for features. An application using the GSS-API requests certain features (confidentiality protection for messages, or anonymity), but such a request does not require the GSS implementation to provide that feature. The application must check the returned flags to verify whether a requested feature is present; if the feature was non- optional for the application, the application must generate an error. Phrased differently, the GSS-API will not generate an error if it is unable to satisfy the features requested by the application.
Martin Stiemerling Former IESG member
No Objection
No Objection
(for -04)
Unknown
Spencer Dawkins Former IESG member
No Objection
No Objection
(for -04)
Unknown