From leifj at it.su.se Tue Mar 4 13:18:21 2003 From: leifj at it.su.se (Leif Johansson) Date: Tue, 04 Mar 2003 19:18:21 +0100 Subject: [Kdc-info] slowly... Message-ID: <3E64EDED.7080202@it.su.se> I am getting around to drafting an information model document as I promised to do. If anyone though I promosed to have this done by this IETF they are absolutely correct. I am sorry for the delay :-( I _hope_ to get something down by the start of the IETF, at least enough for a continued bar-bof if there is enough interest. Leif From Morteza.Ansari at sun.com Tue Mar 4 13:58:36 2003 From: Morteza.Ansari at sun.com (Morteza Ansari) Date: Tue, 04 Mar 2003 10:58:36 -0800 Subject: [Kdc-info] slowly... References: <3E64EDED.7080202@it.su.se> Message-ID: <3E64F75C.C2E59E86@sun.com> I am still interested in this. We should have another bar-bof to discuss any progress and move this forward. Cheers, Morteza Leif Johansson wrote: > > I am getting around to drafting an information model document as I > promised to do. If anyone though I promosed to have this done by this > IETF they are absolutely correct. I am sorry for the delay :-( I _hope_ > to get something down by the start of the IETF, at least enough for > a continued bar-bof if there is enough interest. > > Leif > > _______________________________________________ > kdc-info mailing list > kdc-info at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-info From leifj at it.su.se Tue Mar 4 14:02:11 2003 From: leifj at it.su.se (Leif Johansson) Date: Tue, 04 Mar 2003 20:02:11 +0100 Subject: [Kdc-info] slowly... In-Reply-To: <3E64F75C.C2E59E86@sun.com> References: <3E64EDED.7080202@it.su.se> <3E64F75C.C2E59E86@sun.com> Message-ID: <3E64F833.5040608@it.su.se> Morteza Ansari wrote: >I am still interested in this. We should have another bar-bof to >discuss any progress and move this forward. > > >Cheers, >Morteza > >Leif Johansson wrote: > > >>I am getting around to drafting an information model document as I >>promised to do. If anyone though I promosed to have this done by this >>IETF they are absolutely correct. I am sorry for the delay :-( I _hope_ >>to get something down by the start of the IETF, at least enough for >>a continued bar-bof if there is enough interest. >> >> Leif >> >>_______________________________________________ >>kdc-info mailing list >>kdc-info at mit.edu >>http://mailman.mit.edu/mailman/listinfo/kdc-info >> >> Great! Glad to hear that I haven't turned everyone off by my lack of progress. From bob.joslin at hp.com Tue Mar 4 14:46:31 2003 From: bob.joslin at hp.com (Bob Joslin) Date: Tue, 4 Mar 2003 11:46:31 -0800 Subject: [kdc-schema] Re: [Kdc-info] slowly... In-Reply-To: <3E64F75C.C2E59E86@sun.com> Message-ID: <003201c2e286$c12b2340$1c60080f@cup.hp.com> Agreed. Any proposals for a time? -----Original Message----- From: kdc-schema-bounces at mit.edu [mailto:kdc-schema-bounces at mit.edu] On Behalf Of Morteza Ansari Sent: Tuesday, March 04, 2003 10:59 AM To: Leif Johansson Cc: kdc-schema at mit.edu; kdc-info at mit.edu Subject: [kdc-schema] Re: [Kdc-info] slowly... I am still interested in this. We should have another bar-bof to discuss any progress and move this forward. Cheers, Morteza Leif Johansson wrote: > > I am getting around to drafting an information model document as I > promised to do. If anyone though I promosed to have this done by this > IETF they are absolutely correct. I am sorry for the delay :-( I _hope_ > to get something down by the start of the IETF, at least enough for > a continued bar-bof if there is enough interest. > > Leif > > _______________________________________________ > kdc-info mailing list > kdc-info at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-info _______________________________________________ kdc-schema mailing list kdc-schema at mit.edu http://mailman.mit.edu/mailman/listinfo/kdc-schema From raeburn at MIT.EDU Tue Mar 11 15:56:55 2003 From: raeburn at MIT.EDU (Ken Raeburn) Date: Tue, 11 Mar 2003 15:56:55 -0500 Subject: [Kdc-info] Re: slowly... In-Reply-To: <003201c2e286$c12b2340$1c60080f@cup.hp.com> ("Bob Joslin"'s message of "Tue, 4 Mar 2003 11:46:31 -0800") References: <003201c2e286$c12b2340$1c60080f@cup.hp.com> Message-ID: "Bob Joslin" writes: > Agreed. Any proposals for a time? Hearing none so far, I'll toss one out: How about Tuesday, Afternoon Sessions I, meeting outside "Imperial A" which is where the Kerberos WG meets on Monday? It's a one-hour session for: fax, ldup, nsiim, entmib, smime, nsis, spirits. Is an hour enough? Anything except Tuesday night (is there a social? I was going to punt it and try to see some friends in town) will conflict with something. Ken From leifj at it.su.se Tue Mar 11 15:57:52 2003 From: leifj at it.su.se (Leif Johansson) Date: Tue, 11 Mar 2003 21:57:52 +0100 Subject: [Kdc-info] Re: slowly... In-Reply-To: References: <003201c2e286$c12b2340$1c60080f@cup.hp.com> Message-ID: <3E6E4DD0.60003@it.su.se> Ken Raeburn wrote: >"Bob Joslin" writes: > > >>Agreed. Any proposals for a time? >> >> right, sorry. >Hearing none so far, I'll toss one out: > >How about Tuesday, Afternoon Sessions I, meeting outside "Imperial A" >which is where the Kerberos WG meets on Monday? It's a one-hour >session for: fax, ldup, nsiim, entmib, smime, nsis, spirits. Is an >hour enough? > > Sounds fine to me. >Anything except Tuesday night (is there a social? I was going to punt >it and try to see some friends in town) will conflict with something. > > > From wyllys.ingersoll at sun.com Tue Mar 11 16:39:12 2003 From: wyllys.ingersoll at sun.com (Wyllys Ingersoll) Date: Tue, 11 Mar 2003 16:39:12 -0500 Subject: [Kdc-info] Re: slowly... In-Reply-To: <3E6E4DD0.60003@it.su.se> References: <003201c2e286$c12b2340$1c60080f@cup.hp.com> <3E6E4DD0.60003@it.su.se> Message-ID: <3E6E5780.60106@sun.com> Leif Johansson wrote: > Ken Raeburn wrote: > >> "Bob Joslin" writes: >> >> >>> Agreed. Any proposals for a time? >>> > > right, sorry. > >> Hearing none so far, I'll toss one out: >> >> How about Tuesday, Afternoon Sessions I, meeting outside "Imperial A" >> which is where the Kerberos WG meets on Monday? It's a one-hour >> session for: fax, ldup, nsiim, entmib, smime, nsis, spirits. Is an >> hour enough? >> >> > Sounds fine to me. That works for me, too. Though, Im flexible and will be there until Friday AM. -Wyllys From bob.joslin at hp.com Tue Mar 11 16:57:06 2003 From: bob.joslin at hp.com (Bob Joslin) Date: Tue, 11 Mar 2003 13:57:06 -0800 Subject: [Kdc-info] RE: [kdc-schema] Re: slowly... In-Reply-To: Message-ID: <000101c2e819$280dba90$1c60080f@cup.hp.com> Not that I can't make that time, but are you sure you want to go at the same time as the LDUP working group? Other LDAP collegues will likely consider this a conflict in their schedule. (I peronally will attend KDC Schema over LDUP, but other's may want to attend both.) I'll toss out another time of Thursday Afternoon Sessions I (ipcdn, magma, aaa, inch, ppvpn, avt and ieprep.) Bob -----Original Message----- From: kdc-schema-bounces at mit.edu [mailto:kdc-schema-bounces at mit.edu] On Behalf Of Ken Raeburn Sent: Tuesday, March 11, 2003 12:57 PM To: kdc-schema at mit.edu; kdc-info at mit.edu Subject: [kdc-schema] Re: slowly... "Bob Joslin" writes: > Agreed. Any proposals for a time? Hearing none so far, I'll toss one out: How about Tuesday, Afternoon Sessions I, meeting outside "Imperial A" which is where the Kerberos WG meets on Monday? It's a one-hour session for: fax, ldup, nsiim, entmib, smime, nsis, spirits. Is an hour enough? Anything except Tuesday night (is there a social? I was going to punt it and try to see some friends in town) will conflict with something. Ken _______________________________________________ kdc-schema mailing list kdc-schema at mit.edu http://mailman.mit.edu/mailman/listinfo/kdc-schema From leifj at it.su.se Tue Mar 11 17:49:25 2003 From: leifj at it.su.se (Leif Johansson) Date: Tue, 11 Mar 2003 23:49:25 +0100 Subject: [Kdc-info] RE: [kdc-schema] Re: slowly... In-Reply-To: <000101c2e819$280dba90$1c60080f@cup.hp.com> References: <000101c2e819$280dba90$1c60080f@cup.hp.com> Message-ID: <3E6E67F5.4070209@it.su.se> Bob Joslin wrote: >Not that I can't make that time, but are you sure you want to go at the same >time as the LDUP working group? Other LDAP collegues will likely consider >this a conflict in their schedule. (I peronally will attend KDC Schema over >LDUP, but other's may want to attend both.) > >I'll toss out another time of Thursday Afternoon Sessions I (ipcdn, magma, >aaa, inch, ppvpn, avt and ieprep.) > > > LDUP may not be as popular as you think :-) but this also sounds like a possibility... From raeburn at MIT.EDU Wed Mar 12 01:52:02 2003 From: raeburn at MIT.EDU (Ken Raeburn) Date: Wed, 12 Mar 2003 01:52:02 -0500 Subject: [Kdc-info] Re: slowly... In-Reply-To: <000101c2e819$280dba90$1c60080f@cup.hp.com> ("Bob Joslin"'s message of "Tue, 11 Mar 2003 13:57:06 -0800") References: <000101c2e819$280dba90$1c60080f@cup.hp.com> Message-ID: "Bob Joslin" writes: > Not that I can't make that time, but are you sure you want to go at the same > time as the LDUP working group? Other LDAP collegues will likely consider > this a conflict in their schedule. (I peronally will attend KDC Schema over > LDUP, but other's may want to attend both.) Oops. Sorry about that. > I'll toss out another time of Thursday Afternoon Sessions I (ipcdn, magma, > aaa, inch, ppvpn, avt and ieprep.) I think you're looking at Wednesday Afternoon I, which also looks good to me. Ken From Morteza.Ansari at sun.com Wed Mar 12 05:55:26 2003 From: Morteza.Ansari at sun.com (Morteza Ansari) Date: Wed, 12 Mar 2003 02:55:26 -0800 Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... References: <000101c2e819$280dba90$1c60080f@cup.hp.com> Message-ID: <3E6F121E.B625B34E@sun.com> Thursday afternoon I is SASL which might be another conflict for a number of folks (it is for me). However Wednesday afternoon works fine for me. Cheers, Morteza Ken Raeburn wrote: > > "Bob Joslin" writes: > > Not that I can't make that time, but are you sure you want to go at the same > > time as the LDUP working group? Other LDAP collegues will likely consider > > this a conflict in their schedule. (I peronally will attend KDC Schema over > > LDUP, but other's may want to attend both.) > > Oops. Sorry about that. > > > I'll toss out another time of Thursday Afternoon Sessions I (ipcdn, magma, > > aaa, inch, ppvpn, avt and ieprep.) > > I think you're looking at Wednesday Afternoon I, which also looks good > to me. > > Ken > _______________________________________________ > kdc-schema mailing list > kdc-schema at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-schema From bob.joslin at hp.com Wed Mar 12 14:19:11 2003 From: bob.joslin at hp.com (Bob Joslin) Date: Wed, 12 Mar 2003 11:19:11 -0800 Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... In-Reply-To: <3E6F121E.B625B34E@sun.com> Message-ID: <000901c2e8cc$431865c0$1c60080f@cup.hp.com> Doh, you're right. Wednesday is what I meant. Wednesday afternoon outside "Imperial A" is starting to sound like a quorum. Does this work for Leif, Donna and Wyllys? Bob -----Original Message----- From: kdc-info-bounces at mit.edu [mailto:kdc-info-bounces at mit.edu] On Behalf Of Morteza Ansari Sent: Wednesday, March 12, 2003 2:55 AM To: Ken Raeburn Cc: kdc-schema at mit.edu; kdc-info at mit.edu Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... Thursday afternoon I is SASL which might be another conflict for a number of folks (it is for me). However Wednesday afternoon works fine for me. Cheers, Morteza Ken Raeburn wrote: > > "Bob Joslin" writes: > > Not that I can't make that time, but are you sure you want to go at the same > > time as the LDUP working group? Other LDAP collegues will likely consider > > this a conflict in their schedule. (I peronally will attend KDC Schema over > > LDUP, but other's may want to attend both.) > > Oops. Sorry about that. > > > I'll toss out another time of Thursday Afternoon Sessions I (ipcdn, magma, > > aaa, inch, ppvpn, avt and ieprep.) > > I think you're looking at Wednesday Afternoon I, which also looks good > to me. > > Ken > _______________________________________________ > kdc-schema mailing list > kdc-schema at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-schema _______________________________________________ kdc-info mailing list kdc-info at mit.edu http://mailman.mit.edu/mailman/listinfo/kdc-info From leifj at it.su.se Sat Mar 15 00:35:15 2003 From: leifj at it.su.se (Leif Johansson) Date: Sat, 15 Mar 2003 06:35:15 +0100 Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... In-Reply-To: <000901c2e8cc$431865c0$1c60080f@cup.hp.com> References: <000901c2e8cc$431865c0$1c60080f@cup.hp.com> Message-ID: <3E72BB93.4040007@it.su.se> Bob Joslin wrote: >Doh, you're right. Wednesday is what I meant. Wednesday afternoon >outside "Imperial A" is starting to sound like a quorum. Does this work for >Leif, Donna and Wyllys? > > > Ok by me! From wyllys.ingersoll at sun.com Sat Mar 15 08:46:23 2003 From: wyllys.ingersoll at sun.com (Wyllys Ingersoll) Date: Sat, 15 Mar 2003 08:46:23 -0500 Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... In-Reply-To: <3E72BB93.4040007@it.su.se> References: <000901c2e8cc$431865c0$1c60080f@cup.hp.com> <3E72BB93.4040007@it.su.se> Message-ID: <3E732EAF.9040700@sun.com> Leif Johansson wrote: > Bob Joslin wrote: > >> Doh, you're right. Wednesday is what I meant. Wednesday afternoon >> outside "Imperial A" is starting to sound like a quorum. Does this >> work for >> Leif, Donna and Wyllys? OK with me. -wyllys >> >> >> > Ok by me! > > _______________________________________________ > kdc-schema mailing list > kdc-schema at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-schema From rlmorgan at washington.edu Wed Mar 19 15:38:49 2003 From: rlmorgan at washington.edu (RL 'Bob' Morgan) Date: Wed, 19 Mar 2003 12:38:49 -0800 (PST) Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... In-Reply-To: <3E72BB93.4040007@it.su.se> Message-ID: Is this happening shortly, then? (sent at 12:38PM on Wednesday) - RL "Bob" On Sat, 15 Mar 2003, Leif Johansson wrote: > Bob Joslin wrote: > > >Doh, you're right. Wednesday is what I meant. Wednesday afternoon > >outside "Imperial A" is starting to sound like a quorum. Does this work for > >Leif, Donna and Wyllys? > > > > > > > Ok by me! > > _______________________________________________ > kdc-info mailing list > kdc-info at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-info > From bob.joslin at hp.com Wed Mar 19 15:42:31 2003 From: bob.joslin at hp.com (Bob Joslin) Date: Wed, 19 Mar 2003 12:42:31 -0800 Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... In-Reply-To: Message-ID: <000501c2ee58$10de92f0$47a2f40f@cup.hp.com> I'm just hanging out in Imperial A, until it gets too crowded. Then I'll migrate outside. I'll be there. Bob Joslin -----Original Message----- From: kdc-info-bounces at mit.edu [mailto:kdc-info-bounces at mit.edu] On Behalf Of RL 'Bob' Morgan Sent: Wednesday, March 19, 2003 12:39 PM To: Leif Johansson Cc: kdc-schema at mit.edu; kdc-info at mit.edu Subject: Re: [Kdc-info] Re: [kdc-schema] Re: slowly... Is this happening shortly, then? (sent at 12:38PM on Wednesday) - RL "Bob" On Sat, 15 Mar 2003, Leif Johansson wrote: > Bob Joslin wrote: > > >Doh, you're right. Wednesday is what I meant. Wednesday afternoon > >outside "Imperial A" is starting to sound like a quorum. Does this work for > >Leif, Donna and Wyllys? > > > > > > > Ok by me! > > _______________________________________________ > kdc-info mailing list > kdc-info at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-info > _______________________________________________ kdc-info mailing list kdc-info at mit.edu http://mailman.mit.edu/mailman/listinfo/kdc-info From donnas at us.ibm.com Wed Mar 19 16:42:52 2003 From: donnas at us.ibm.com (Donna Skibbie) Date: Wed, 19 Mar 2003 15:42:52 -0600 Subject: [Kdc-info] Re: [kdc-schema] Re: slowly... Message-ID: I am not at this IETF meeting. Could someone please send me the minutes of this meeting? Thanks, Donna Skibbie, Distributed Systems Architect IBM Corporation; 11400 Burnet Road; Austin, TX 78758 USA Tel.: +1(512)838-3896 T/L 678; Fax: 8597 donnas at us.ibm.com "Bob Joslin" @mit.edu on 03/19/2003 02:42:31 PM Sent by: kdc-schema-bounces at mit.edu To: "'RL 'Bob' Morgan'" , "'Leif Johansson'" cc: kdc-schema at mit.edu, kdc-info at mit.edu Subject: RE: [Kdc-info] Re: [kdc-schema] Re: slowly... I'm just hanging out in Imperial A, until it gets too crowded. Then I'll migrate outside. I'll be there. Bob Joslin -----Original Message----- From: kdc-info-bounces at mit.edu [mailto:kdc-info-bounces at mit.edu] On Behalf Of RL 'Bob' Morgan Sent: Wednesday, March 19, 2003 12:39 PM To: Leif Johansson Cc: kdc-schema at mit.edu; kdc-info at mit.edu Subject: Re: [Kdc-info] Re: [kdc-schema] Re: slowly... Is this happening shortly, then? (sent at 12:38PM on Wednesday) - RL "Bob" On Sat, 15 Mar 2003, Leif Johansson wrote: > Bob Joslin wrote: > > >Doh, you're right. Wednesday is what I meant. Wednesday afternoon > >outside "Imperial A" is starting to sound like a quorum. Does this work for > >Leif, Donna and Wyllys? > > > > > > > Ok by me! > > _______________________________________________ > kdc-info mailing list > kdc-info at mit.edu > http://mailman.mit.edu/mailman/listinfo/kdc-info > _______________________________________________ kdc-info mailing list kdc-info at mit.edu http://mailman.mit.edu/mailman/listinfo/kdc-info _______________________________________________ kdc-schema mailing list kdc-schema at mit.edu http://mailman.mit.edu/mailman/listinfo/kdc-schema From raeburn at MIT.EDU Wed Mar 19 18:01:56 2003 From: raeburn at MIT.EDU (Ken Raeburn) Date: Wed, 19 Mar 2003 18:01:56 -0500 Subject: [Kdc-info] kdc-info meeting at ietf56 Message-ID: Some random notes here, written up from memory after the meeting, since we didn't think to have anyone take notes during it. Feel free to supply any corrections or missing details. We had about eight or nine of us: me, Leif, Wyllys, Mortezza, Kurt Zeilenga, Bob Morgan, Bob Joslin, and I know I'm forgetting (or didn't catch) one or two other names; sorry about that. We hadn't heard anything from Donna, and assumed she wasn't around. So we went to find some space to talk for a while. There was some discussion on administrative information model specification versus KDC implementation details, and how we're intentionally ignoring the latter for now. We discussed minimal versus more comprehensive information models. After concluding that a minimal model could leave out nearly everything (e.g., principal expiration times may not be required, if you can simply delete them; ticket lifetime limits may not be important if your implementation always use short lifetimes), and wouldn't be very useful at all, we started discussing what sort of things might be in a more comprehensive model. (As I recall, at the last IETF, with a few more people involved, we had decided to start working on a minimal useful model, though I don't recall the specific arguments. So I'm not convinced this new direction is necessarily good.) How should the realm be figured into the information model? Kurt brought up the point that in an LDAP schema, information may be distributed or may be per-server. The MIT model, at least, assumes everything is fully replicated from the master to the slave KDCs, and nothing is updated by the slaves in normal usage. This will be a more interesting issue when we go from the information model to a schema. Leif will start on a rough list of concepts from the various Kerberos implementations, and send it to the list for further input. Ken will review the LDAP password-modify and password-policy documents and see how well they match what we're doing or what we need in Kerberos. Ken