Re: [dhcwg] draft-pruss-dhcp-auth-dsl-03

"Alan Kavanagh" <alan.kavanagh@ericsson.com> Mon, 28 July 2008 05:06 UTC

From: Alan Kavanagh <alan.kavanagh@ericsson.com>
To: Richard Pruss <ric@cisco.com>, Yoshihiro Ohba <yohba@tari.toshiba.com>
Cc: dhcwg@ietf.org

I agree with what Yoshihiro has pointed out, in that there is no way to
indicate how an EAP Failure would be indicated to the client in
DHCP_Auth.

Similarly, I'm a little bit worried here about how we would use DHCP_Auth
to authenticate individual IP Sessions behind the same subscriber line?

Alan K 

-----Original Message-----
From: dhcwg-bounces@ietf.org [mailto:dhcwg-bounces@ietf.org] On Behalf
Of Richard Pruss
Sent: July 27, 2008 7:47 AM
To: Yoshihiro Ohba
Cc: dhcwg@ietf.org
Subject: Re: [dhcwg] draft-pruss-dhcp-auth-dsl-03

Thanks for your comments,

On 27/07/2008, at 10:19 AM, Yoshihiro Ohba wrote:

> I have a couple of comments on new dhcp-auth I-D.
>
> - It still does not seem to address the issue of the difference in 
> retransmission directions.  Especially I am not sure how dhcp-auth 
> works when EAP-Success/Failure gets lost.
>
> - Comment on fragmentation.  The current draft says that there is over
> 200-octet space available more than the EAP MTU of 1020 octets.
> However, I am not sure that if over 200-octet space is really 
> sufficient for 1500-octet MTU considering that DHCP relay agent 
> information option can be inserted by DHCP relay agent as well as 
> there can be 'shim' layers below IP.

Relays typically add only port information so I think we can be quite
safe with our 200 bytes also considering the real world EAP packet
sizes.

- Ric


>
>
> - DHCP EAP request response message can be more confusing, considering
> the new extension to EAP such as ERX (draft-ietf-hokey-erx) where two
> new messages are defined that are neither request nor response.
> Considering ERX, I would strongly discourage combining DHCP and EAP 
> because ERX can make integration of DHCP and EAP even more difficult.
> It is best if we separate IP address configuration from network access
> authentication.
>
> Regards,
> Yoshihiro Ohba
>
> On Fri, Jul 25, 2008 at 08:41:44AM +1000, Richard Pruss wrote:
>> Hi,
>>
>> To help the discussion next week I was prompted to put out a summary 
>> of changes.
>> http://tools.ietf.org/html/draft-pruss-dhcp-auth-dsl-03
>>
>> We have tried in this version to address concerns raised in IETF 70.
>> Jari and Ralph's preso may remind you of those:
>> http://www.ietf.org/proceedings/07dec/slides/intarea-2/sld1.htm
>>
>> We have added a first draft proposal for DHCPv6 messages for a 
>> limited set of IPv6 deployments.
>> http://tools.ietf.org/html/draft-pruss-dhcp-auth-dsl-03#section-5.2
>>
>> We now have added a DHCP relay model to the DHCP proxy/server model 
>> that was the document model.
>> (DHCP proxy is a term used in the DSL architectures, where the BRAS 
>> acts as a server to the client.)
>>
>> We have added a section on fragmentation.
>> http://tools.ietf.org/html/draft-pruss-dhcp-auth-dsl-03#section-8
>>
>> The DHCP EAP request response messages are now separate messages to 
>> possibly make the flow clearer and hopefully make the discussion 
>> around DHCP vs EAP retransmission responsibility easier for people to
>> understand.
>>
>> There is a section on backwards compatibility and a number of cases 
>> considered, no updates to that but it addresses one of the bullets on
>> the slides in IETF-70.
>>
>> - Ric
>>
>> _______________________________________________
>> dhcwg mailing list
>> dhcwg@ietf.org
>> https://www.ietf.org/mailman/listinfo/dhcwg
>>
