Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Freshness Extension
draft-ietf-kitten-pkinit-freshness-07
Yes
(Stephen Farrell)
No Objection
(Alexey Melnikov)
(Alia Atlas)
(Alissa Cooper)
(Alvaro Retana)
(Ben Campbell)
(Deborah Brungard)
(Joel Jaeggli)
(Mirja Kühlewind)
(Spencer Dawkins)
(Suresh Krishnan)
(Terry Manderson)
Note: This ballot was opened for revision 07 and is now closed.
Stephen Farrell Former IESG member
Yes
Yes
()
Unknown
Alexey Melnikov Former IESG member
No Objection
No Objection
()
Unknown
Alia Atlas Former IESG member
No Objection
No Objection
()
Unknown
Alissa Cooper Former IESG member
No Objection
No Objection
()
Unknown
Alvaro Retana Former IESG member
No Objection
No Objection
()
Unknown
Ben Campbell Former IESG member
No Objection
No Objection
()
Unknown
Benoît Claise Former IESG member
No Objection
No Objection
(2016-12-01)
Unknown
As mentioned by Scott Bradner in his OPS-DIR review, some words about operational guidance (not implementation guidance) would be welcome: " what kind of message could the operator give to their users to minimize the disruption when errors start popping up " would be welcome. See https://www.ietf.org/mail-archive/web/ops-dir/current/msg02267.html.
Deborah Brungard Former IESG member
No Objection
No Objection
()
Unknown
Jari Arkko Former IESG member
(was Discuss)
No Objection
No Objection
(2016-12-01)
Unknown
This was a Discuss, but I changed it to a comment because we don't need both me and Kathleen holding the same issue: "I am concerned about the issue that Russ Housley raised in his Gen-ART review: bad practices in creating the freshness tokens creates a security issue. If this cannot be handled in the way that Russ initially suggested (setting a minimum number of bits) then a proper discussion of the issue and recommendations to avoid the problems need to be included in the security considerations section." Other issues from Russ' Gen-ART review should also be addressed (editorial ones + possible max size).
Joel Jaeggli Former IESG member
No Objection
No Objection
()
Unknown
Kathleen Moriarty Former IESG member
(was Discuss)
No Objection
No Objection
(2016-12-20)
Unknown
Thanks for covering my prior discuss with a paragraph provided as an RFC editor note.
Mirja Kühlewind Former IESG member
No Objection
No Objection
()
Unknown
Spencer Dawkins Former IESG member
No Objection
No Objection
()
Unknown
Suresh Krishnan Former IESG member
No Objection
No Objection
()
Unknown
Terry Manderson Former IESG member
No Objection
No Objection
()
Unknown