CURRENT_MEETING_REPORT_
Reported by Steve Alexander/Lachman Technology
Minutes of the TELNET Working Group (TELNET)
Agenda
o Any feedback on the ``Telnet Environment Option'' Internet-Draft
Last Call.
o Discussion of merged authentication/encryption options, ``Telnet
Authentication and Encryption Option'' Internet-Draft, with
emphasis on a plan to get the document finished.
o Any other business.
Steve Alexander presented the agenda and asked if there were other items
that needed to be discussed. Marjo Mercado asked about the charter, so
a brief discussion was held. Steve stated that the charter was no
longer open-ended, and that the group would conclude when the
environment and authentication documents were done. If other issues
arise the charter will have to be amended. There was general agreement
on this point.
Since a Last Call has been issued for the ``Telnet Environment Option,''
Steve asked for any feedback. Marjo pointed out a minor grammatical
error which will need to be corrected during the RFC editing process.
Steve urged everyone to review the document if they hadn't already.
The bulk of the meeting was devoted to authentication. Dave Borman is
currently implementing the merged authentication/encryption options.
The group discussed whether it is okay to abandon the output mode
DES---this seemed acceptable to all present. Ted Ts'o raised the
concern about active attackers forcing the use of a weaker encryption
mechanism. There was brief discussion on this point and Ted agreed to
write up his view of how this could be avoided.
John Linn expressed concern about getting a Kerberos V authentication
document out ahead of the merged mechanism. The group agreed that the
current V5 Draft, ``Telnet Authentication: Kerberos Version 5'' could
be issued as an Experimental RFC. Steve will send the current draft to
Ted for review.
Dave Borman mentioned that he would like to release his current telnet
reference sources in the near-term, but is concerned about the
encryption code. Ted suggested that perhaps MIT could be a distribution
point, since they have a similar problem with the Kerberos distribution.
Sam Sjogren raised the issue of interoperability testing. The group was
receptive, and might try to schedule an event prior to the Seattle
meeting. This would most likely be a virtual event held between
cooperating parties via the Internet. There was some discussion of
whether this would be appropriate to have at an IETF meeting, but no
conclusion was reached.
Action Items
Dave Borman Will finish implementation of the merged
authentication/encryption options.
Ted Ts'o Will write up a discussion of how he would like to see
the encryption type negotiation covered by a checksum
to prevent active attackers from forcing a weak
encryption method to be negotiated.
Steve Alexander Will fine-tune the Kerberos V draft and send it to
Ted for review with the goal of issuing it as an
Experimental RFC.
Steve/Dave Will drive the document editing process so that work on
merging the encryption text into the Kerberos documents
will be complete by Seattle.
Attendees
Steve Alexander stevea@lachman.com
David Borman dab@cray.com
Peter Cameron cameron@xylint.co.uk
Jonathan Didner jonb@bangate.compaq.com
John Linn linn@security.ov.com
Marjo Mercado marjo@cup.hp.com
Clifford Neuman bcn@isi.edu
Jon Penner jjp@bscs.uucp
Vladimir Sukonnik sukonnik@process.com
Theodore Ts'o tytso@mit.edu
Raymond Vega rvega@cicese.mx