CURRENT_MEETING_REPORT_

Reported by Steve Alexander/Lachman Technology

Minutes of the TELNET Working Group (TELNET)


Agenda

   o Any feedback on the ``Telnet Environment Option'' Internet-Draft
     Last Call.

   o Discussion of merged authentication/encryption options, ``Telnet
     Authentication and Encryption Option'' Internet-Draft, with
     emphasis on a plan to get the document finished.

   o Any other business.


Steve Alexander presented the agenda and asked if there were other items
that needed to be discussed.  Marjo Mercado asked about the charter, so
a brief discussion was held.  Steve stated that the charter was no
longer open-ended, and that the group would conclude when the
environment and authentication documents were done.  If other issues
arise the charter will have to be amended.  There was general agreement
on this point.

Since a Last Call has been issued for the ``Telnet Environment Option,''
Steve asked for any feedback.  Marjo pointed out a minor grammatical
error which will need to be corrected during the RFC editing process.
Steve urged everyone to review the document if they hadn't already.

The bulk of the meeting was devoted to authentication.  Dave Borman is
currently implementing the merged authentication/encryption options.
The group discussed whether it is okay to abandon the output mode
DES---this seemed acceptable to all present.  Ted Ts'o raised the
concern about active attackers forcing the use of a weaker encryption
mechanism.  There was brief discussion on this point and Ted agreed to
write up his view of how this could be avoided.

John Linn expressed concern about getting a Kerberos V authentication
document out ahead of the merged mechanism.  The group agreed that the
current V5 Draft, ``Telnet Authentication:  Kerberos Version 5'' could
be issued as an Experimental RFC. Steve will send the current draft to
Ted for review.

Dave Borman mentioned that he would like to release his current telnet
reference sources in the near-term, but is concerned about the
encryption code.  Ted suggested that perhaps MIT could be a distribution
point, since they have a similar problem with the Kerberos distribution.

Sam Sjogren raised the issue of interoperability testing.  The group was
receptive, and might try to schedule an event prior to the Seattle
meeting.  This would most likely be a virtual event held between
cooperating parties via the Internet.  There was some discussion of
whether this would be appropriate to have at an IETF meeting, but no
conclusion was reached.


Action Items

Dave Borman      Will finish implementation of the merged
                 authentication/encryption options.

Ted Ts'o         Will write up a discussion of how he would like to see
                 the encryption type negotiation covered by a checksum
                 to prevent active attackers from forcing a weak
                 encryption method to be negotiated.

Steve Alexander  Will fine-tune the Kerberos V draft and send it to
                 Ted for review with the goal of issuing it as an
                 Experimental RFC.

Steve/Dave       Will drive the document editing process so that work on
                 merging the encryption text into the Kerberos documents
                 will be complete by Seattle.


Attendees

Steve Alexander          stevea@lachman.com
David Borman             dab@cray.com
Peter Cameron            cameron@xylint.co.uk
Jonathan Didner          jonb@bangate.compaq.com
John Linn                linn@security.ov.com
Marjo Mercado            marjo@cup.hp.com
Clifford Neuman          bcn@isi.edu
Jon Penner               jjp@bscs.uucp
Vladimir Sukonnik        sukonnik@process.com
Theodore Ts'o            tytso@mit.edu
Raymond Vega             rvega@cicese.mx