[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: doi-07/interoperability questions
Derrell D. Piper writes:
> Ben,
>
> >At the bakeoff, we ran into the small problem of some recent changes to
> >the DOI document which caused many machines to be un-interoperable.
>
> The change to use an attribute to fully identify the appropriate AH transform
> occured in the Version 3 DOI, which was submitted to the ID on July 31, 1997.
> That was eight months and four drafts ago. I'm sorry you missed it. It's
> release might simply predate your participation on this list.
>
> I think your characterization of this change as being both unexpected and
> recent is at odds with the facts. I also think your assertion that "very few
> vendors had actually implemented this" is grossly inaccurate as well.
I'm not complaining about the current draft. In fact, I have
implemented it. However, I found that sending either an AH-MD5 or an
AH-SHA1 with the corresponding HMAC-MD5 or HMAC-SHA1 attribute was
not accepted by many implementations, and only 3 or 4 others actually
sent these transform payloads with the correct auth attribute.
Perhaps I just had bad luck with the people I tried to interoperate
with.
ben
Follow-Ups:
References: