Efficient Augmented Password-Only Authentication and Key Exchange for IKEv2
draft-shin-augmented-pake-15
Yes
(Sean Turner)
No Objection
(Adrian Farrel)
(Gonzalo Camarillo)
(Robert Sparks)
(Ron Bonica)
(Russ Housley)
(Stewart Bryant)
(Wesley Eddy)
Note: This ballot was opened for revision 13 and is now closed.
Sean Turner Former IESG member
Yes
Yes
(for -13)
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
(for -14)
Unknown
Gonzalo Camarillo Former IESG member
No Objection
No Objection
(for -14)
Unknown
Peter Saint-Andre Former IESG member
No Objection
No Objection
(2012-03-08 for -13)
Unknown
Both draft-harkins-ipsecme-spsk-auth and draft-kuegler-ipsecme-pace-ikev2 specify that the password will be prepared using SASLprep (RFC 4013). Why doesn't this specification also define how 'w' is prepared for input to other operations?
Robert Sparks Former IESG member
No Objection
No Objection
(for -14)
Unknown
Ron Bonica Former IESG member
No Objection
No Objection
(for -14)
Unknown
Russ Housley Former IESG member
No Objection
No Objection
(for -14)
Unknown
Stephen Farrell Former IESG member
No Objection
No Objection
(2012-03-15 for -14)
Unknown
- section 2.2.1 could badly do with some examples if that's possible. I'd expect interop problems in any case, but more without that. Those might be shared with the other scheme drafts. - Section 2, last paragraph - that's confusing - which Y and K calculation is to be done? I think you need to be much clearer about this. - saying "server S does not store any plaintext passwords" is missing 2119 language. While a MUST would be most correct, perhaps a SHOULD is right, in case someone wants to do this using an existing DB of cleartext passwords. - Providing a reference for "Shamir's trick" would be good.
Stewart Bryant Former IESG member
No Objection
No Objection
(for -13)
Unknown
Wesley Eddy Former IESG member
No Objection
No Objection
(for -14)
Unknown