IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: GSSAPI authentication
On Thu, 21 Jun 2001, Jeffrey Hutzelman wrote:
> Joe Galbraith is one of the authors of the user auth draft mentioned
> above, and he indicated he might have some time to work on the changes
> involved in the merger. I've sent him a brief description of what I had
> in mind, as well as information about a couple of protocol changes we
> discussed at the WG meeting in Minneapolis (particularly, signing the host
> key during key exchange so that sessions don't have to die when the GSSAPI
> creds used for the initial key exchange expire).
>
> My goal is to get another version of this draft out soon enough that we
> can take into account comments from implementors and this list, and get
> any corrections out before the London IETF meeting.
Well, I didn't do quite as well as I would have liked. I submitted the
combined user auth and key exchange draft before the 20-Jul-2001 deadline,
as a new version of draft-ietf-secsh-gsskeyex. The new version includes
the protocol changes I mentioned above, plus a couple of minor but
incompatible changes to the key exchange to make things a bit cleaner.
Unfortunately, I didn't get a chance to invite comment from the list
before publishing the new version. I'm sure this won't be the last
version of this draft, so I'll be looking forward to hearing comments both
on the list and at the WG meeting in London.
-- Jeff
Home |
Main Index |
Thread Index |
Old Index