Re: [anonsec] review comments on draft-ietf-btns-prob-and-applic-06.txt

Nicolas Williams <Nicolas.Williams@sun.com> Sat, 12 January 2008 00:08 UTC

Date: Fri, 11 Jan 2008 18:04:11 -0600
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Black_David@emc.com

On Fri, Jan 11, 2008 at 06:16:42PM -0500, Black_David@emc.com wrote:
> One thing that will not be done is to describe EAP's
> encapsulation in IKEv2 as a possible solution to the BTNS
> problems.  There are two reasons for this:

Yes, EAP is not applicable, and I've just described separately the other
major reasons why authentication at the IPsec layer is not always
suitable.

> Instead, it would make more sense to add text that makes
> both of the above points so that issues about usage of EAP
> for BTNS purposes do not arise again.
> 
> Comments?

Yes please.  Also let's add the multi-user multi-plexing rationale.

Nico