[Ietf-krb-wg] increase ticket length limits in RFC4121

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[Ietf-krb-wg] increase ticket length limits in RFC4121

Larry Zhu-4
While preparing Shawn's GSS-API hash agility document (draft-ietf-krb-wg-gss-cb-hash-agility-05), I came to realize that we already developed a solution to allow a ticket larger than 65k in GSS-API, by adding/registering a new GSS-API extension.

That hopefully is useful for folks trying to allow a larger PAC, although it could just push the same issue elsewhere.

--Larry

_______________________________________________
ietf-krb-wg mailing list
[hidden email]
https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
Reply | Threaded
Open this post in threaded view
|

Re: [Ietf-krb-wg] increase ticket length limits in RFC4121

Simo Sorce
On Fri, 17 Dec 2010 20:57:09 +0000
Larry Zhu <[hidden email]> wrote:

> While preparing Shawn's GSS-API hash agility document
> (draft-ietf-krb-wg-gss-cb-hash-agility-05), I came to realize that we
> already developed a solution to allow a ticket larger than 65k in
> GSS-API, by adding/registering a new GSS-API extension.
>
> That hopefully is useful for folks trying to allow a larger PAC,
> although it could just push the same issue elsewhere.

Can you point me to a draft or documentation about that ?

I added text to the recent PAC draft to add such an extension but I will
be happy to drop it or adopt yours if it meets our requirements.

Simo.

--
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
ietf-krb-wg mailing list
[hidden email]
https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
Reply | Threaded
Open this post in threaded view
|

Re: [Ietf-krb-wg] increase ticket length limits in RFC4121

Larry Zhu-4
I was able to see the document under tools.ietf.org but did not have luck just now. Here is an external link:
http://www.watersprings.org/pub/id/draft-ietf-krb-wg-gss-cb-hash-agility-05.txt

-----Original Message-----
From: Simo Sorce [mailto:[hidden email]]
Sent: Friday, December 17, 2010 1:04 PM
To: Larry Zhu
Cc: [hidden email]
Subject: Re: [Ietf-krb-wg] increase ticket length limits in RFC4121

On Fri, 17 Dec 2010 20:57:09 +0000
Larry Zhu <[hidden email]> wrote:

> While preparing Shawn's GSS-API hash agility document
> (draft-ietf-krb-wg-gss-cb-hash-agility-05), I came to realize that we
> already developed a solution to allow a ticket larger than 65k in
> GSS-API, by adding/registering a new GSS-API extension.
>
> That hopefully is useful for folks trying to allow a larger PAC,
> although it could just push the same issue elsewhere.

Can you point me to a draft or documentation about that ?

I added text to the recent PAC draft to add such an extension but I will be happy to drop it or adopt yours if it meets our requirements.

Simo.

--
Simo Sorce * Red Hat, Inc * New York


_______________________________________________
ietf-krb-wg mailing list
[hidden email]
https://lists.anl.gov/mailman/listinfo/ietf-krb-wg
Reply | Threaded
Open this post in threaded view
|

Re: [Ietf-krb-wg] increase ticket length limits in RFC4121

Simo Sorce
In reply to this post by Simo Sorce
On Fri, 17 Dec 2010 16:03:50 -0500
Simo Sorce <[hidden email]> wrote:

> On Fri, 17 Dec 2010 20:57:09 +0000
> Larry Zhu <[hidden email]> wrote:
>
> > While preparing Shawn's GSS-API hash agility document
> > (draft-ietf-krb-wg-gss-cb-hash-agility-05), I came to realize that
> > we already developed a solution to allow a ticket larger than 65k in
> > GSS-API, by adding/registering a new GSS-API extension.
> >
> > That hopefully is useful for folks trying to allow a larger PAC,
> > although it could just push the same issue elsewhere.
>
> Can you point me to a draft or documentation about that ?
>
> I added text to the recent PAC draft to add such an extension but I
> will be happy to drop it or adopt yours if it meets our requirements.

Disregard the request, I started actually reading
draft-ietf-krb-wg-gss-cb-hash-agility-05 :-)

Simo.

--
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
ietf-krb-wg mailing list
[hidden email]
https://lists.anl.gov/mailman/listinfo/ietf-krb-wg