Hallvard,
I apologize for missing these two suggestions in the -14 revision that i just submitted to the internet-drafts editor. I have already incorporated them into the -15 revision which I plan to post prior to the IETF 62 cutoff (and hopefully with additional changes based on feedback from the WG).
Roger
>>> Hallvard B Furuseth <h.b.furuseth@usit.uio.no> 11/8/2004 3:49 PM >>> After a brief look at authmeth-13, the changes that have been done so far mostly look good. A few exceptions: > 10. SASL EXTERNAL Authentication Mechanism > The authorization identity used to determine the state of the > association is derived from the security credentials in an > implementation-specific manner. This is wrong, the authorization identity may be sent with the EXTERNAL request. 'Authentication identity' is derived... in authmeth-12 was right, as far as I can tell. I notice the suggestion to remove authentication 'state' in thread "authmeth: association -= authentication ID" was taken, but Appendix A retains one "authentication state" which should probably be "authorization state" or "association state". -- Hallvard |