[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: draft-ietf-ldapext-authmeth-02.txt

To: ietf-ldapext@netscape.com
Subject: Re: draft-ietf-ldapext-authmeth-02.txt
From: Jeff.Hodges@stanford.edu
Date: Fri, 10 Jul 1998 23:27:05 -0700
Resent-date: Fri, 10 Jul 1998 23:27:20 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"E8YoY2.0.H14.6Nmfr"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Doc changes for draft-ietf-ldapext-authmeth-02.txt from -01 version...

- updated section:	3.  Introduction
    with revised threats and security mechanisms enumerations. 

- updated section:	4.  Deployment scenarios
    with revised scenarios.

- added section:	5.  Authentication and Authorization:  
			    Definitions and Concepts
    from draft-ietf-ldapext-ldapv3-tls-01.txt

- updated section:	6.  Required Security Mechanisms
  - draws distinctions between passive eavesdropping attacks and active 
    intermediary attacks. 
  - revised security conformance requirements.

- various detailed refinements to sections:	
	7. Anonymous authentication
	8. Password-based authentication
	9. Certificate-based authentication

- added section:	11. Authorization Identity
  - syntax for authorization id included with SASL "EXTERNAL"-flavored Bind

- updated section:	12. TLS Ciphersuites
  - refined and expanded ciphersuite list. Commented on threats different 
    classes of ciphersuites are susceptable to. 

- Overall subtle-but-important change to doc is to recognize..
  - authorization identities are not always represented as DNs

Prev by Date: Re: meeting IETF 42 ?
Next by Date: Re: Updated version of "X.509 Authentication SASL Mechanism
Index(es):
- Chronological
- Thread