Path: utzoo!censor!geac!joey From: joey@geac.com (Joey DeWiele) Newsgroups: comp.protocols.iso Subject: Re: New ISO Authentication ASE Message-ID: <1990Mar5.154434.21726@geac.com> Date: 5 Mar 90 15:44:34 GMT References: <9002261922.AA00211@polka.mitre.org> Reply-To: joey@geac.com (Joey De Wiele) Organization: Geac Computer Corporation Lines: 40 I thought I'd make a quick reply to the item on ANSI's draft response to the NWI proposal for an Authentication Exchange ASE. I am not quite sure that this newsgroup is an appropriate forum for discussion of ANSI draft responses to NWI proposals however. SC21 is a political animal, and you might want to consider the benefits of distributing U.S. draft text internationally, where everyone can look at it in advance of official circulation. In article <9002261922.AA00211@polka.mitre.org> gomberg@GATEWAY.MITRE.ORG writes: > > 2. The Kerberos authentication mechanism distributed by MIT Project > Athena. > I don't know anything about Kerberos. In particular, I don't how widely accepted in the international community Kerberos is, or the implications of the proposal that this mechanism must be considered for the NWI to be accepted. I do have an idea about what would happen to the standards process if every country involved voted NO to everything that didn't specifically consider nationally developed related material. > > > 1. Should the scope of work be broadened to "Security ASE" to include > other security mechanisms for other services such as access control? > CCITT Q19/VII (DAF) has submitted a liaison statement to JTC1/SC21/WG6 proposing collaborative work on a Security Exchange Service Element. Is this what the above is referring to? If so, maybe you want to reference the liaison statement (JTC1/SC21/N3991). It is my understanding that this was proposed earlier by CCITT and that N3991 is the second go, but I am not sure. By the way, I believe Canada will be submitting a contribution stating that the scope of the proposed NWI should be expanded to cover the specification of a generic security-exchange ASE, which would provide a standard means of transporting security exchange information in application-contexts where no other ASE provides for this transport.