CURRENT_MEETING_REPORT_


Reported by David A. Borman/Cray Research, Inc.

TELNET Minutes

The Telnet Working Group met the morning of Tuesday, July 30, 1991.

An initial Agenda of possible topics included:


   o Authentication Option
   o Encryption Option
   o Environment Option
   o CAT (Common Authentication Technology)
   o Possible Future Telnet Work

      -  8 bit NVT
      -  International Characters
      -  Option Negotiation Loop Avoidance
      -  Compression
      -  Terminal Types
      -  MIB


The actual discussion that followed focused only on the Authentication
option.

The first thing that was started was a quick walk-through of the draft
Authentication option to do some final editing, before approving the
draft for recommendation for being published as an RFC.
 Page 1:
  The AUTH_WHO_CLIENT and AUTH_WHO_SERVER names will be changed to
  AUTH_CLIENT_TO_SERVER and AUTH_SERVER_TO_CLIENT to more accurately
  describe who is authenticating who.

  The words "(TCP LISTEN state)" will be added after "...that did the
  passive TCP open," to clarify things.

 Page 2:
  Mid page, "authentication-type-list" will be changed to
  "authentication-type-pair-list" for consistentcy.

  The descriptions of IS and REPLY will be rewritten.

 Page 3:
  In the first sentence, "has two values" will be changed to
  "is two octets".


This is about as much as was accomplished on the walk-through, as side
discussions took us off on other more general issues.

                                   1





A major point of discussion was:


  1. Should we continue with the authentication option, and
  2. Should the authentication option be providing ``negotiation'' for
     the type of authentication to be used?


The argument for the negotiation was that it provides a mechanism for
the client and server to agree upon what type of authentication will be
used.  The argument against it was that the client should just pick one,
and it probably will only have one type, and the server would either
accept or refuse it.  There was also fear that having a negotiation
scheme would allow a weaker form authentication to be agreed upon that
the user is willing to use.

After much discussion, it was decided that we would:


  1. Leave the draft the way it is.
  2. Add a description of the security concerns of doing negotiation of
     the authentication mechanism.


A shorter discussion was held on whether the IS and REPLY commands could
be replaced with a single DATA command.  It was decided that there was
no benefit in changing it, so it was left as is.

Another discussion was whether we should be doing the Authentication
option at all, in light of the work starting up in the Common
Authentication Technology (CAT) Working Group.  It was decided that
since the CAT group is just starting up, and the Authentication option
is already being implemented and used to get real work done, and that
the Authentication option has the ability to evolve into CAT, that we
would continue.

The draft will be modified as stated above, and circulated for one more
round of review before being sent to the IESG.

Attendees

Steve Alexander          stevea@i88.isc.com
David Bolen              db3l@nis.ans.net
David Borman             dab@cray.com
Johnny Eriksson          bygg@sunet.se
Barbara Fraser           byf@cert.sei.cmu.edu
Kenneth Goodwin          goodwin@psc.edu
Alton Hoover             hoover@nis.ans.net
Charles Kaufman          kaufman@dsmail.enet.dec.com
Mark Lewis               mlewis@telebit.com
John Linn                linn@zendia.enet.dec.com
Louis Mamakos            louie@ni.umd.edu
Matt Mathis              mathis@psc.edu
Greg Minshall            minshall@wc.novell.com

                                   2





Clifford Neuman          bcn@isi.edu
Jason Perreault          perreaul@interlan.interlan.com
John Pickens             jrp@3com.com
P. Rajaram               rajaram@sun.com
Jan Michael Rynning      jmr@nada.kth.se
Mark Saake               saake@llnl.gov
Emil Sturniolo           emil@doe.dss.com
Theodore Tso
Jesse Walker             walker@eider.enet@decpa.dec.com
David Ward               dward@chipcom.com



                                   3