Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Transport Layer Security (TLS) Authorization Extensions
draft-housley-tls-authz-extns-09

Yes

(Tim Polk)

No Objection

(Alexey Melnikov)

(Pasi Eronen)

(Robert Sparks)

(Ron Bonica)

(Ross Callon)

Abstain

(Adrian Farrel)

(David Ward)

Ballots:

Note: This ballot was opened for revision 09 and is now closed.

Tim Polk Former IESG member

Yes

Yes () Unknown

Alexey Melnikov Former IESG member

(was Discuss) No Objection

No Objection (2009-10-14) Unknown

5. Security Considerations

   A TLS server can support more than one application, and each
   application may include several features, each of which requires
   separate authorization checks.  This is the reason that more than one
   piece of authorization information can be provided.

   A TLS server that requires different authorization information for
   different applications or different application features may find
   that a client has provided sufficient authorization information to
   grant access to a subset of these offerings.  In this situation the
   TLS Handshake protocol will complete successfully; however, the
   server must ensure that the client will only be able to use the
   appropriate applications and application features.  That is, the TLS
   server must deny access to the applications and application features
   for which authorization has not been confirmed.

s/must/MUST ? (twice)

Pasi Eronen Former IESG member

(was No Record, Discuss) No Objection

No Objection (2009-10-14) Unknown

Robert Sparks Former IESG member

No Objection

No Objection () Unknown

Ron Bonica Former IESG member

No Objection

No Objection () Unknown

Ross Callon Former IESG member

No Objection

No Objection () Unknown

Adrian Farrel Former IESG member

Abstain

Abstain (2009-08-02) Unknown

There seems to be a little history associated with this draft. Rather thn read up on the details I am going to Abstain. The draft seems to have enough votes to go through and I see nothing specific in the draft to object to. I am going to trust the rest of the IESG to have derived the right conclusions from history.

I am a little confused by the flopping of the status of the I-D. It seems that the most recent last call was on Standards Track, yet the I-D has now moved to Experimental (again). I gues that, since a last call was also held on that track, we don't have a problem with that.

David Ward Former IESG member

Abstain

Abstain () Unknown

Transport Layer Security (TLS) Authorization Extensions draft-housley-tls-authz-extns-09

Transport Layer Security (TLS) Authorization Extensions
draft-housley-tls-authz-extns-09