IETF-SSH archive


Re: gss userauth



I dislike the partial authentication approach.  I believe it adds
significant complexity to an implementation.

If we don't want to rely on SSH_MSG_UNIMPLEMENTED, I'd be inclined to
suggest that we consider the following:

The spec starts with a set of definitions of the messages
SSH_MSG_USERAUTH_REQUEST, SSH_MSG_USERAUTH_GSSAPI_RESPONSE,
SSH_MSG_USERAUTH_GSSAPI_TOKEN,
SSH_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, and
SSH_MSG_USERAUTH_GSSAPI_MIC, plus the error messages that are
currently defined.

Then it would describe three userauth methods in terms of those
messages:

The gssapi userauth method uses the same set of messages it does now,
for backwards compatibility and for methods that don't support
integrity that someone someday might want to use for authentication.

We add a new gssapi-mic userauth method, which is like gssapi but uses
SSH_MSG_USERAUTH_GSSAPI_MIC instead of
SSH_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE.

We define another new userauth method gssapi-keyex, which uses the
context from key exchange, and involves the client sending
SSH_MSG_USERAUTH_REQUEST followed by SSH_MSG_USERAUTH_GSSAPI_MIC.

This probably makes it easier for code to continue to use the sorts of
abstractions that code is likely to already be using (note that last I
checked, openssh didn't support partial userauth at all), and it
should be straightforward to share code between the userauth methods
as needed.

I'm willing to write up precise proposed text for this at some point
tomorrow (probably fairly late in the day, realistically) if that
would help.
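The gssapi-keyex method proposed above is short enough to show end to end. The following is an added example written for this archive page; it is not code from the message, from the IETF draft under discussion, or from any SSH implementation. It assumes the MIC covers the session identifier plus the SSH_MSG_USERAUTH_REQUEST fields (the layout RFC 4462 later specified), uses message number 66 for SSH_MSG_USERAUTH_GSSAPI_MIC (also RFC 4462's value), and substitutes an HMAC under a shared key for the GSS_GetMIC/GSS_VerifyMIC calls on the context left over from key exchange. The client sends exactly the two messages the proposal names, with no RESPONSE or TOKEN round trips; the server parses them, rebuilds the MIC input from its own view of the session identifier, and verifies it with a constant-time comparison.

```python
import hashlib
import hmac
import struct

# Message numbers from the SSH userauth range (RFC 4252) and the GSS-API
# userauth draft; 66 for the MIC message is the value RFC 4462 later
# assigned and is assumed here.
SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_USERAUTH_GSSAPI_MIC = 66

USERAUTH_METHOD = b"gssapi-keyex"   # method name proposed in the message above


def ssh_string(b: bytes) -> bytes:
    """Encode an SSH 'string' (uint32 length prefix + bytes, RFC 4251)."""
    return struct.pack(">I", len(b)) + b


def read_string(buf: bytes, off: int):
    """Decode an SSH 'string' at offset off; returns (value, new offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string body")
    return buf[off:off + n], off + n


class StandInGssContext:
    """Stand-in for the GSS-API context established during key exchange.

    A real implementation calls GSS_GetMIC / GSS_VerifyMIC on that context.
    HMAC-SHA-256 under a key both peers hold after key exchange models the
    same property: only a peer holding the context can produce the MIC.
    """

    def __init__(self, context_key: bytes):
        self.key = context_key

    def get_mic(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def verify_mic(self, data: bytes, mic: bytes) -> bool:
        return hmac.compare_digest(self.get_mic(data), mic)


def mic_input(session_id: bytes, user: bytes, service: bytes, method: bytes) -> bytes:
    """Data the MIC covers. Including the session identifier binds the
    authentication to this SSH connection, so the MIC cannot be replayed
    on another one. Layout follows RFC 4462 (assumed for this proposal)."""
    return (ssh_string(session_id)
            + bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user)
            + ssh_string(service)
            + ssh_string(method))


def build_userauth_request(user: bytes, service: bytes, method: bytes) -> bytes:
    """SSH_MSG_USERAUTH_REQUEST with the three fields common to all methods."""
    return (bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user) + ssh_string(service) + ssh_string(method))


def client_gssapi_keyex(ctx, session_id, user, service=b"ssh-connection"):
    """Client side: SSH_MSG_USERAUTH_REQUEST followed directly by
    SSH_MSG_USERAUTH_GSSAPI_MIC. No token exchange is needed because the
    context already exists from key exchange."""
    request = build_userauth_request(user, service, USERAUTH_METHOD)
    mic = ctx.get_mic(mic_input(session_id, user, service, USERAUTH_METHOD))
    return [request, bytes([SSH_MSG_USERAUTH_GSSAPI_MIC]) + ssh_string(mic)]


def server_gssapi_keyex(ctx, session_id, messages) -> bool:
    """Server side: parse both messages and verify the MIC against the
    server's own view of the session identifier and request fields.
    Mapping the context's initiator name to `user` (authorization) is a
    separate step not shown here."""
    if len(messages) != 2:
        return False
    request, mic_msg = messages
    try:
        if (request[0] != SSH_MSG_USERAUTH_REQUEST
                or mic_msg[0] != SSH_MSG_USERAUTH_GSSAPI_MIC):
            return False
        user, off = read_string(request, 1)
        service, off = read_string(request, off)
        method, off = read_string(request, off)
        if off != len(request) or method != USERAUTH_METHOD:
            return False
        mic, off = read_string(mic_msg, 1)
        if off != len(mic_msg):
            return False
    except (ValueError, IndexError):
        return False
    return ctx.verify_mic(mic_input(session_id, user, service, method), mic)


if __name__ == "__main__":
    # Constructed sample values, not captured from a real session.
    ctx = StandInGssContext(b"\x11" * 32)
    session_id = bytes(range(20))
    msgs = client_gssapi_keyex(ctx, session_id, b"alice")
    print("same session:", server_gssapi_keyex(ctx, session_id, msgs))
    print("replayed on another session:",
          server_gssapi_keyex(ctx, b"\xff" * 20, msgs))
```

Because the session identifier is part of the MIC input, the same two messages replayed on a different connection fail verification, and changing the user name in the request without re-computing the MIC fails as well; that binding is the property a bare SSH_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE cannot provide for mechanisms without integrity.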
