
Re: I-D ACTION:draft-ietf-ldapbis-authmeth-17.txt



To the best of my knowledge, this draft addresses all issues raised
during the WG last call and discussed by last Saturday evening. Here is
a summary of the changes made:

General

- Resolved all known outstanding issues and comments for -16 draft.
- Edits for clarity and consistency.
- Removed -16 section 3.2 (StartTLS Response) as this material is now
covered in [Protocol].
- Reordered several document sections to improve document flow.

Section 2
- Fixed requirements consistency issue with name/password mechanism and
TLS that was caused by moving LDAP's required mechanism from DIGEST-MD5
mechanism to name/password mechanism in -16.

Section 3.1.3

- Refinements to server identity check algorithm based on feedback from
WG reviewers.

Section 5.2.2

- Added a new section on SASL semantics within LDAP based on a
generalization of some material on DIGEST-MD5 semantics within LDAP that
was removed in the -16 draft.

Appendix B

- Completed list of substantive changes to RFC 2829 and RFC 2830.
Removed all other appendices that were tracking changes to this
document.  (I realized this morning that I haven't yet documented the
changes for two sections of RFC 2251. I will post text for these in a
follow-up message).

Please respond with your comments.

Thanks,

Roger

>>> On Tue, Oct 25, 2005 at 3:09 pm, in message
<6.2.1.2.0.20051025140744.032adb20@mail.openldap.org>, "Kurt D. Zeilenga"
<Kurt@OpenLDAP.org> wrote:
> Please review this I-D within the next week or so to ensure
> issues raised during the prior WG Last Call have been adequately
> addressed.
>
> Thanks, Kurt
>
> At 12:50 PM 10/25/2005, Internet-Drafts@ietf.org wrote:
>>A New Internet-Draft is available from the on-line Internet-Drafts directories.
>>This draft is a work item of the LDAP (v3) Revision Working Group of the IETF.
>>
>>        Title           : LDAP: Authentication Methods and Security Mechanisms
>>        Author(s)       : R. Harrison
>>        Filename        : draft-ietf-ldapbis-authmeth-17.txt
>>        Pages           : 30
>>        Date            : 2005-10-25
>>
>>This document describes authentication methods and security
>>   mechanisms of the Lightweight Directory Access Protocol (LDAP).
>>
>>   This document details establishment of Transport Layer Security
>>   (TLS) using the StartTLS operation.
>>
>>   This document details the simple Bind authentication method
>>   including anonymous, unauthenticated, and name/password mechanisms
>>   and the Secure Authentication and Security Layer (SASL) Bind
>>   authentication method including the EXTERNAL mechanism.
>>
>>   This document discusses various authentication and authorization
>>   states through which a session to an LDAP server may pass and the
>>   actions that trigger these state changes.
>>
>>A URL for this Internet-Draft is:
>>http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-17.txt