Re: [Isms] current naming agreement

["David B. Nelson" <d.b.nelson at comcast.net>]

Jeffrey Hutzelman writes...

> It is a design feature of ISMS that we delegate to SSH the entire problem
> of mapping names coming from potentially disparate authentication
> namespaces into a common namespace which is provided to us.  This is a
> feature because SSH has to (and does) solve it anyway.
> 
> If we extend this approach to every future secure transport mapping, such
> that all such mappings can be expected to deal with any differences or
> false similarities between names used by their authentication mechanisms,
> then we are left only with the problem of dealing with differences and/or
> false similarities between names provided us by different possible secure
> transports.

Well, that's very nice and convenient.  I'm unaware of the document that
specifies this "identity disambiguation" behavior of SSH authentication and
that of other secure transports.  Would you please give me a pointer?
Thanks!

Wes Hardaker writes...
 
> I *think* that there is almost agreement on the following as a solution,
> based on discussions on the list and in the hallways.  I think this is a
> reasonable compromise on most sides (it's not the solution I myself
> would pick, but I'm willing to accept it).  It combines elements from
> multiple people and satisfies some of the issues some folks have.  None
> of the elements are new, just combined.

Assuming that the behavior Jeff describes, above, is present (sorry to be a
Doubting Thomas), it seems reasonable to me, too.


_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms