
Re: XAUTH is broken



>>>>> "Joern" == Joern Sierwald <joern.sierwald@datafellows.com> writes:

 Joern> At 12:02 23.7.1999 -0700, Dan wrote:
 >> I don't have any objection to a new exchange but I have a request.
 >> Please don't just grab the next number in the _reserved_ _to_
 >> _IANA_ space. Config-mode did this and I think it's a bad
 >> precedent. We've already seen magic number conflicts (DH-less IKE
 >> and the Certicom EC draft) from this sort of thing.
 >> 
 >> Pick a private use number and define some blob for a vendor ID
 >> which says, "I do XAUTH++". When you receive a properly formatted
 >> "I do XAUTH++" vendor ID payload you can know that each side has
 >> mutually agreed to use the private use number and you can proceed
 >> to XAUTH++. Then you can test this thing properly at the bakeoff
 >> and if, and when, it advances it can be assigned a number in the
 >> proper manner.
 >> 
 >> Just grabbing numbers will result in chaos when IANA does assign
 >> the next number in its space and people say, "whoa, you can't do
 >> that! The Frobnitz draft is already using that number."
 >> 
 >> thank you,
 >> 
 >> Dan.
 >> 

 Joern> I have the feeling that vendors in the mailing list want to
 Joern> ship really soon. If we choose private numbers now they will
 Joern> end up in shipping products. Not that I would mind.

 Joern> I guess there will be a new version of the xauth draft, I
 Joern> therefore suggest
 Joern> VID=md5("draft-ietf-ipsec-isakmp-xauth-05"). And please don't
 Joern> take the _first_ of the private numbers.

I don't understand the rationale for using private numbers for
working group efforts.  The notion of "private" implies that it's for
purposes that aren't being standardized.

Is the problem that it's taking a really long time for IANA to assign
the number?  If the numbers could be assigned efficiently, it would be 
perfectly straightforward to give a number to a draft as soon as the
draft is prepared.  If a draft ends up not being approved, or changes
in such a fashion that the number is no longer needed, it can either
be marked obsolete, or recycled.

	paul
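
The vendor-ID gating Dan describes, with the VID Joern suggests, as an added example (not part of the original messages or any draft). Assumptions: the MD5 is taken over the bare ASCII draft name, and XAUTH_EXCHANGE is a constructed private-use exchange number chosen only for illustration.

```python
import hashlib
import struct

VENDOR_ID_PAYLOAD = 13                    # ISAKMP Vendor ID payload type (RFC 2408)
PRIVATE_EXCHANGE_RANGE = range(240, 256)  # ISAKMP private-use exchange types
XAUTH_EXCHANGE = 250                      # constructed value, not assigned by anyone

# Assumption: the hash covers the ASCII draft name, no quotes or terminator.
XAUTH_VID = hashlib.md5(b"draft-ietf-ipsec-isakmp-xauth-05").digest()


def build_vid_payload(vid, next_payload=0):
    """Generic payload header (next, reserved, length) followed by the VID."""
    return struct.pack("!BBH", next_payload, 0, 4 + len(vid)) + vid


def parse_vendor_ids(first_type, data):
    """Walk a chain of ISAKMP payloads and return the Vendor ID bodies."""
    vids, ptype, off = [], first_type, 0
    while ptype != 0:
        if off + 4 > len(data):
            raise ValueError("truncated payload header")
        nxt, _reserved, length = struct.unpack_from("!BBH", data, off)
        if length < 4 or off + length > len(data):
            raise ValueError("bad payload length")
        if ptype == VENDOR_ID_PAYLOAD:
            vids.append(data[off + 4:off + length])
        ptype, off = nxt, off + length
    return vids


def accept_exchange(exchange_type, sent_vids, received_vids):
    """Allow the private-use exchange only if both sides announced the VID."""
    if exchange_type not in PRIVATE_EXCHANGE_RANGE:
        return True   # assigned numbers are not subject to the VID gate
    return (exchange_type == XAUTH_EXCHANGE
            and XAUTH_VID in sent_vids and XAUTH_VID in received_vids)


# Constructed sample: a peer sends an unrelated VID followed by the XAUTH VID.
other_vid = hashlib.md5(b"some other vendor").digest()
peer_chain = (build_vid_payload(other_vid, VENDOR_ID_PAYLOAD)
              + build_vid_payload(XAUTH_VID))
peer_vids = parse_vendor_ids(VENDOR_ID_PAYLOAD, peer_chain)
```
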

