James Carlson wrote: > Bill Sommerfeld writes: > > I still don't like the counterproposal. It's still built around a > > really horrible idea (potentially using one secret with more than one > > protocol/algorithm) which I don't want to see copied by other projects. > > And I don't really think it's either more or less usable than my > > suggested change. > > Agreed. > > > So I'm torn. > > I'd support either a spec change or a derail-and-TCR that said: > > "The project team must support either only the newest > authentication method (with a single password), or all methods > but with independent passwords for each."
I've made a proposal that, I think, will support independent passwords for each method of authentication. Alan > That allows the project team to choose to have a single password if > they really want (at the expense of dropping support for the broken > old protocol) or multiple passwords to support any or all of them. > And it gets the ARC out of the business of trying to figure out which > authentication protocols are necessary for which market. > > -- > James Carlson, Solaris Networking <james.d.carlson at sun.com> > Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 > MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 >
