Re: [abfab] Trust router (was Re: Fwd: New Version Notification for draft-wierenga-ietf-eduroam-00.txt)

Klaas Wierenga <klaas@cisco.com> Mon, 15 October 2012 13:34 UTC

From: Klaas Wierenga <klaas@cisco.com>
In-Reply-To: <CCA1BA78.20480%Josh.Howlett@ja.net>
Date: Mon, 15 Oct 2012 15:33:59 +0200
Message-Id: <9B5663C2-D1B5-4507-9CC0-C898BC03BA3F@cisco.com>
References: <CCA1BA78.20480%Josh.Howlett@ja.net>
To: Josh Howlett <Josh.Howlett@ja.net>
Cc: "<abfab@ietf.org>" <abfab@ietf.org>
Subject: Re: [abfab] Trust router (was Re: Fwd: New Version Notification for draft-wierenga-ietf-eduroam-00.txt)

On Oct 15, 2012, at 2:56 PM, Josh Howlett <Josh.Howlett@ja.net> wrote:

Hi Josh, all,

> I probably shouldn't be writing this email until I have finished the
> update to aaa-saml :-). However I thought it was worth pointing out that

see, I knew our severity would pay off at some point… ;-)

> section 3.3. ('Routing table complexity') is a nice description of the
> kind of problem that Trust Router (draft-howlett-abfab-trust-router-ps) is
> trying to fix.
> 
> But now let us imagine that one was also interested in operating "govroam"
> in parallel to eduroam, where there may be some overlap between these
> communities. Now, in addition to the naming/connectivity incongruence
> described in section 3.3, you can also add incongruence of trust
> communities.
> 
> My contention is that, for the use cases that Abfab is addressing, the
> number and overlap of trust communities wanting to consume identity is in
> fact rather large. Therefore it will be significantly cheaper to operate a
> single infrastructure that can manage these incongruences, rather than
> instantiate N distinct infrastructures for N different trust communities.
> 
> It should be as cheap and easy to create and manage a trust community of
> arbitrary actors as it is to connect a house full of consumer electronics
> to a domestic WiFi router.

Yes, I was meaning to bring this topic up. Given that we are making good progress with the abfab core documents the question arises what to do next. Fold abfab or recharter and pick up new work. I think we should have that discussion.

Klaas

> 
> Josh.
> 
> On 15/10/2012 12:11, "Klaas Wierenga" <klaas@cisco.com> wrote:
> 
>> FYI
>> 
>> Begin forwarded message:
>> 
>>> From: <internet-drafts@ietf.org>
>>> Subject: New Version Notification for draft-wierenga-ietf-eduroam-00.txt
>>> Date: October 15, 2012 12:24:23 PM GMT+02:00
>>> To: <klaas@cisco.com>
>>> Cc: <stefan.winter@restena.lu>, <twoln@umk.pl>
>>> 
>>> 
>>> A new version of I-D, draft-wierenga-ietf-eduroam-00.txt
>>> has been successfully submitted by Klaas Wierenga and posted to the
>>> IETF repository.
>>> 
>>> Filename:	 draft-wierenga-ietf-eduroam
>>> Revision:	 00
>>> Title:		 The eduroam architecture for network roaming
>>> Creation date:	 2012-10-15
>>> WG ID:		 Individual Submission
>>> Number of pages: 31
>>> URL:            http://www.ietf.org/internet-drafts/draft-wierenga-ietf-eduroam-00.txt
>>> Status:         http://datatracker.ietf.org/doc/draft-wierenga-ietf-eduroam
>>> Htmlized:       http://tools.ietf.org/html/draft-wierenga-ietf-eduroam-00
>>> 
>>> 
>>> Abstract:
>>>  This document describes the architecture of the eduroam service for
>>>  federated (wireless) network access in academia.  The combination of
>>>  802.1X, EAP and RADIUS that is used in eduroam provides a secure,
>>>  scalable and deployable service for roaming network access.  The
>>>  successful deployment of eduroam over the last decade in the
>>>  educational sector may serve as an example for other sectors, hence
>>>  this document.  In particular the initial architectural and standards
>>>  choices and the changes that were prompted by operational experience
>>>  are highlighted.
>>> 
>>> 
>>> 
>>> 
>>> The IETF Secretariat
>>> 
>> 