Re: [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on draft-ietf-softwire-6rd-radius-attrib-10: (with DISCUSS and COMMENT)
Sean Turner <turners@ieca.com> Tue, 22 January 2013 20:18 UTC
Return-Path: <turners@ieca.com>
X-Original-To: aaa-doctors@ietfa.amsl.com
Delivered-To: aaa-doctors@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A6BA21F84E9 for <aaa-doctors@ietfa.amsl.com>; Tue, 22 Jan 2013 12:18:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.115
X-Spam-Level:
X-Spam-Status: No, score=-102.115 tagged_above=-999 required=5 tests=[AWL=0.150, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3BTGiPhR9iUd for <aaa-doctors@ietfa.amsl.com>; Tue, 22 Jan 2013 12:18:46 -0800 (PST)
Received: from gateway04.websitewelcome.com (gateway04.websitewelcome.com [67.18.15.11]) by ietfa.amsl.com (Postfix) with ESMTP id A40B021F8570 for <aaa-doctors@ietf.org>; Tue, 22 Jan 2013 12:18:46 -0800 (PST)
Received: by gateway04.websitewelcome.com (Postfix, from userid 5007) id D508E264CED20; Tue, 22 Jan 2013 14:18:41 -0600 (CST)
Received: from gator1743.hostgator.com (gator1743.hostgator.com [184.173.253.227]) by gateway04.websitewelcome.com (Postfix) with ESMTP id C9869264CECE6 for <aaa-doctors@ietf.org>; Tue, 22 Jan 2013 14:18:41 -0600 (CST)
Received: from [108.45.19.185] (port=58551 helo=thunderfish.local) by gator1743.hostgator.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from <turners@ieca.com>) id 1TxkIw-0001G7-2w; Tue, 22 Jan 2013 14:18:46 -0600
Message-ID: <50FEF425.2040805@ieca.com>
Date: Tue, 22 Jan 2013 15:18:45 -0500
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: "aaa-doctors@ietf.org" <aaa-doctors@ietf.org>
References: <20130117091306.15656.90065.idtracker@ietfa.amsl.com> <50F7C250.4090700@cisco.com>
In-Reply-To: <50F7C250.4090700@cisco.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator1743.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: (thunderfish.local) [108.45.19.185]:58551
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 8
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IxNzQzLmhvc3RnYXRvci5jb20=
Cc: Ralph Droms <rdroms@cisco.com>
Subject: Re: [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on draft-ietf-softwire-6rd-radius-attrib-10: (with DISCUSS and COMMENT)
X-BeenThere: aaa-doctors@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: AAA Doctors E-mail List <aaa-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/aaa-doctors>, <mailto:aaa-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/aaa-doctors>
List-Post: <mailto:aaa-doctors@ietf.org>
List-Help: <mailto:aaa-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/aaa-doctors>, <mailto:aaa-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jan 2013 20:18:47 -0000
Any feedback folks? I'm sitting on a discuss related to this. spt On 1/17/13 4:20 AM, Benoit Claise wrote: > Dear AAA doctors, > > I updated my DISCUSS with the latest information. See below > Regarding this COMMENT > > Also, it would be helpful to be explicit about the value of the > Service-Type attribute in Access-Requests (I am assuming that this > is no longer "Call-Check", since the User-Password attribute is > included in the Access-Request). > > I believe that the AAA doctors should give clear guidelines to the > draft-ietf-softwire-6rd-radius-attrib authors regarding the content of > the Service-Type. > If we can't, I propose not to insist on this issue. > This is the reason why this is a COMMENT and not a DISCUSS. > > Feedback? > > Regards, Benoit > > > -------- Original Message -------- > Subject: Benoit Claise's Discuss on > draft-ietf-softwire-6rd-radius-attrib-10: (with DISCUSS and COMMENT) > Date: Thu, 17 Jan 2013 01:13:06 -0800 > From: Benoit Claise <bclaise@cisco.com> > To: The IESG <iesg@ietf.org> > CC: draft-ietf-softwire-6rd-radius-attrib@tools.ietf.org, > softwire-chairs@tools.ietf.org > > > > Benoit Claise has entered the following ballot position for > draft-ietf-softwire-6rd-radius-attrib-10: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer tohttp://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > The AAA doctors reviewed version 10 > > 1. While Section 3 now does describe how authentication/authorization > functions in a way that is compliant with RFC 2865 and 5080, there is no > normative language and the requirements (e.g. for User-Name and > User-Password attributes, Message-Authenticator attribute) are not > included in Section 4.2. > > 2. Section 6 (Security Considerations) has a dangling sentence: > > ... > > The MAC address spoofing is possible > > ... > > OK... then what? > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > - Also, it would be helpful to be explicit about the value of the > Service-Type attribute in Access-Requests (I am assuming that this is no > longer "Call-Check", since the User-Password attribute is included in the > Access-Request). > > - You started to use the terminology from RFC 5969, but for two terms > only. > It's a pity that you didn't reuse so other. > 4.1. IPv6-6rd-Configuration Attribute > > 6rdPrefix > > The Service Provider's 6rd IPv6 prefix represented as a 16 > octet IPv6 address. The bits after the 6rdPrefixlen number of > bits in the prefix SHOULD be set to zero. > > ... > > 6rdBRIPv4Address > > One or more IPv4 addresses of the 6rd Border Relay(s) for a > given 6rd domain. The maximum RADIUS Attribute length of 255 > octets results in a limit of 58 IPv4 addresses. > >>From RFC 5969: > 6rd prefix An IPv6 prefix selected by the service provider > for use by a 6rd domain. There is exactly one > 6rd prefix for a given 6rd domain. An SP may > deploy 6rd with a single 6rd domain or multiple > 6rd domains. > > ... > > BR IPv4 address The IPv4 address of the 6rd Border Relay for a > given 6rd domain. This IPv4 address is used by > the CE to send packets to a BR in order to > reach IPv6 destinations outside of the 6rd > domain. > > > > > >
- [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on dra… Benoit Claise
- Re: [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on… Sean Turner
- Re: [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on… Sheng Jiang
- Re: [AAA-DOCTORS] Benoit Claise's Discuss on draf… Ralph Droms (rdroms)
- Re: [AAA-DOCTORS] Benoit Claise's Discuss on draf… Benoit Claise