[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: I-D ACTION:draft-ietf-ldapbis-authmeth-17.txt
To the best of my knowledge, this draft addresses all issues raised
during the WG last call and discussed by last Saturday evening. Here is
a summary of the changes made:
General
- Resolved all known outstanding issues and comments for -16 draft.
- Edits for clarity and consistency.
- Removed -16 section 3.2 (StartTLS Response) as this material is now
covered in [Protocol].
- Reordered several document sections to improve document flow.
Section 2
- Fixed requirements consistency issue with name/password mechanism and
TLS that was caused by moving LDAP's required mechanism from DIGEST-MD5
mechanism to name/password mechanism in -16.
Section 3.1.3
- Refinements to server identity check algorithm based on feedback from
WG reviewers.
Section 5.2.2
- Added a new section on SASL semantics within LDAP based on a
generalization of some material on DIGEST-MD5 semantics within LDAP that
was removed in the -16 draft.
Appendix B
- Completed list of substantive changes to RFC 2829 and RFC 2830.
Removed all other appendices that were tracking changes to this
document. (I realized this morning that I haven't yet documented the
changes for two sections of RFC 2251. I will post text for these in a
follow-up message).
Please respond with your comments.
Thanks,
Roger
>>> On Tue, Oct 25, 2005 at 3:09 pm, in message
<6.2.1.2.0.20051025140744.032adb20@mail.openldap.org>, "Kurt D.
Zeilenga"
<Kurt@OpenLDAP.org> wrote:
> Please review this I- D within the next week or so to ensure
> issues raised during the prior WG Last Call have been adequately
> addressed.
>
> Thanks, Kurt
>
> At 12:50 PM 10/25/2005, Internet- Drafts@ietf.org wrote:
>>A New Internet- Draft is available from the on- line Internet- Drafts
directories.
>>This draft is a work item of the LDAP (v3) Revision Working Group of
the
> IETF.
>>
>> Title : LDAP: Authentication Methods and Security
> Mechanisms
>> Author(s) : R. Harrison
>> Filename : draft- ietf- ldapbis- authmeth- 17.txt
>> Pages : 30
>> Date : 2005- 10- 25
>>
>>This document describes authentication methods and security
>> mechanisms of the Lightweight Directory Access Protocol (LDAP).
>>
>> This document details establishment of Transport Layer Security
>> (TLS) using the StartTLS operation.
>>
>> This document details the simple Bind authentication method
>> including anonymous, unauthenticated, and name/password
mechanisms
>> and the Secure Authentication and Security Layer (SASL) Bind
>> authentication method including the EXTERNAL mechanism.
>>
>> This document discusses various authentication and authorization
>> states through which a session to an LDAP server may pass and the
>> actions that trigger these state changes.
>>
>>A URL for this Internet- Draft is:
>>http://www.ietf.org/internet- drafts/draft- ietf- ldapbis- authmeth-
17.txt
>>
>>To remove yourself from the I- D Announcement list, send a message to
>>i- d- announce- request@ietf.org with the word unsubscribe in the
body of the
> message.
>>You can also visit https://www1.ietf.org/mailman/listinfo/I- D-
announce
>>to change your subscription settings.
>>
>>
>>Internet- Drafts are also available by anonymous FTP. Login with the
username
>>"anonymous" and a password of your e- mail address. After logging
in,
>>type "cd internet- drafts" and then
>> "get draft- ietf- ldapbis- authmeth- 17.txt".
>>
>>A list of Internet- Drafts directories can be found in
>>http://www.ietf.org/shadow.html
>>or ftp://ftp.ietf.org/ietf/1shadow- sites.txt
>>
>>
>>Internet- Drafts can also be obtained by e- mail.
>>
>>Send a message to:
>> mailserv@ietf.org.
>>In the body type:
>> "FILE /internet- drafts/draft- ietf- ldapbis- authmeth-
17.txt".
>>
>>NOTE: The mail server at ietf.org can return the document in
>> MIME- encoded form by using the "mpack" utility. To use
this
>> feature, insert the command "ENCODING mime" before the
"FILE"
>> command. To decode the response(s), you will need "munpack"
or
>> a MIME- compliant mail reader. Different MIME- compliant
mail readers
>> exhibit different behavior, especially when dealing with
>> "multipart" MIME messages (i.e. documents which have been
split
>> up into multiple messages), so check your local documentation
on
>> how to manipulate these messages.
>>
>>
>>Below is the data which will enable a MIME compliant mail reader
>>implementation to automatically retrieve the ASCII version of the
>>Internet- Draft.
>>
>>Content- Type: text/plain
>>Content- ID: <2005- 10- 25133803.I- D@ietf.org>
>>
>>ENCODING mime
>>FILE /internet- drafts/draft- ietf- ldapbis- authmeth- 17.txt
>>
>>
>><ftp://ftp.ietf.org/internet- drafts/draft- ietf- ldapbis- authmeth-
17.txt>