Kitten (GSS-API Next Generation) WG (kitten) CHAIR: Jeffrey Altman TUESDAY, November 7, 2006 1520-1720 (UTC-8) Afternoon Session II Room: Seabreeze The Audio Stream is available at http://limestone.uoregon.edu/ftp/pub/videolab/media/ietf67/ietf67ch2-tue-noon.mp3 The Jabber Logs are available at: http://www3.ietf.org/meetings/ietf-logs/kitten/2006-11-07.html Meeting Materials: https://datatracker.ietf.org/public/meeting_materials.cgi?meeting_num=67#wg-kitten =================================================================================== Document Status --------------- Desired Enhancements to GSSAPI Version 3 Naming - draft-ietf-kitten-gss-naming-04.txt - IESG approved; Waiting for RFC publication GSS-API Domain-Based Service Names - draft-ietf-kitten-gssapi-domain-based-names-04.txt - IETF Last Call complete GSS-API Domain-Based Service Names Mapping for the Kerberos V GSS Mechanism - draft-ietf-kitten-krb5-gssapi-domain-based-names-02.txt - IETF Last Call complete GSS-APIv2 Extension for Storing Delegated Credentials - draft-williams-gssapi-store-deleg-creds - Ready for Working Group Last Call Extended Generic Security Service Mechanism Inquiry APIs - draft-ietf-kitten-extended-mech-inquiry-02.txt - In Working Group Last Call - Please review Stackable Generic Security Service Pseudo-Mechanisms - draft-ietf-kitten-gssapi-stackable-pseudo-mechs-02.txt - In Working Group Last Call - Please review Generic Security Service API Version 2 : Java Bindings Update - draft-ietf-kitten-rfc2853bis-01.txt - In Working Group Last Call - Please review ========================================================================= Proposed Charter Revision ------------------------- Charter and Milestone Revisions being reviewed by the IESG. Charter removes work item for defining channels for use in channel bindings. Charter adds permission to address internationalization issues. ========================================================================= Technical Discussion -------------------- * The WG reviewed the outstanding AD comments on "GSS-API Domain-Based Service Names". The working group will confirm consensus of decisions on the mailing list. * WGLC: An Update to the Java GSS-API specification - Reviewers Needed Shan Emery and will Leif Johansson will review document. Need to Java language experts reviewers. 2 weeks to the review to complete * WGLC: Stackable mechs / Extended mech inquiry APIs. 3 people sent comments in the last few days Martin Rex - gss_release_oid Martin Rex - Minor status codes David Leonard - G11N Derek Atkins Composition order matters no compositions language More reviewers needed Jeffery Hutzelman and Ken R will review document * Internationalization Consensus GSS-API v2u1 specifies "ISO Latin-1" in existing gss_display_name and gss_display_status functions. WG consensus is that new functions providing "Unicode" and "Locale" specific output will be specified in future extensions. * Charter and Milestone revision status Charter revision sent to IESG and is under review + Removes work item for def of channels for IPsec, TLS, etc + Adds permission to address i18n issues * Presentation: Leif Johansson on HTTP GSSAPI Negotiate replacement http://www.ietf.org/internet-drafts/draft-johansson-http-gss-00.txt http://www.ietf.org/internet-drafts/draft-johansson-http-tls-cb-00.txt Please review. * Presentation: Larry Zhu on Kerberos for Web Services + needs new name (perhaps rename to IAKERB) + permits client/kdc traffic through a GSS-API proxy + must be extended to handle change password protocol + will not be adopted by Kitten as not within charter + krb-wg might accept it as a work item + Sam Hartman (AD) would accept it as an individual submission if neither working group takes it as a work item. + Simon volunteers to co-edit the document * Presentation: Larry Zhu on PKU2U + peer to peer kerberos. no need for a KDC + provides PKDA and PKTAPP + transmits Kerberos PDUs inside GSS-API tokens * Implementation Experience A concern was raised regarding the lack of running code for the GSS-API extensions in WGLC. Meeting ended at 16.55 Thanks for Love Hörnqvist-Åstrand for taking minutes.