[Amqp-security-list] RE: MInutes from 12/1 AMQP Security call

[Subbu Srinivasan (ssriniva)]

Ted,
Let's plan on mtg after New Year. I am travelling on vacation this week
and back after New Year.

 

-----Original Message-----
From: Ted Ross [mailto:tross at redhat.com] 
Sent: Thursday, December 20, 2007 8:52 AM
To: Subbu Srinivasan (ssriniva)
Cc: Ted Ross; amqp-security-list at redhat.com
Subject: Re: MInutes from 12/1 AMQP Security call

Subbu,

If you like, I can be the minutes-taker for the Security SIG calls.

Last week we discussed mapping SASL to the AMQP wire format.  I took two
action items: 1) to determine if SASL can readily be mapped onto AMQP;
and 2) to propose an encoding for the security ticket.

I don't recall (nor do I have notes about) what your actions were.  
Key-exchange is an open issue.

With regard to my items:

1) I'm not quite ready to write it up yet, but SASL maps quite nicely
onto the connection-class commands in AMQP.  Some thought has already
been done on this by the authors of 0-10.  I still need to write down
more detail than appears in the 0-10 spec.  I will submit this to the
Wiki page.  The current spec places all SASL data into a single vbin32
field for both the secure and secure-ok methods.  One question I'm
looking into is whether AMQP field types should be used in a more
structured way to support SASL.

2) I have not done much work on this item yet.  From the broker's
perspective, I'm not even certain the ticket is needed (because the
broker already keeps session and connection state for the client and can
store auth/auth information there).  This merits further discussion.

Schedule note:  I, and others from Red Hat will be unavailable next week
due to a company holiday.  Our next availability will be January 3rd.

-Ted

Subbu Srinivasan (ssriniva) wrote:
> Ted,
>   
> By any chance do u have mtg mins of our last call.
>