Re: [dhcwg] comments on draft-popoviciu-dhc-certificate-opt-01
Frank Xia <xiayangsong@huawei.com> Wed, 23 April 2008 14:29 UTC
Return-Path: <dhcwg-bounces@ietf.org>
X-Original-To: dhcwg-archive@megatron.ietf.org
Delivered-To: ietfarch-dhcwg-archive@core3.amsl.com
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7823C3A6D3B; Wed, 23 Apr 2008 07:29:05 -0700 (PDT)
X-Original-To: dhcwg@core3.amsl.com
Delivered-To: dhcwg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 410A33A6D63 for <dhcwg@core3.amsl.com>; Wed, 23 Apr 2008 07:29:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.845
X-Spam-Level:
X-Spam-Status: No, score=-0.845 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_BASE64_TEXT=1.753]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HKiZ-DdltgHv for <dhcwg@core3.amsl.com>; Wed, 23 Apr 2008 07:29:00 -0700 (PDT)
Received: from usaga04-in.huawei.com (usaga04-in.huawei.com [206.16.17.180]) by core3.amsl.com (Postfix) with ESMTP id 5B75A3A6D3B for <dhcwg@ietf.org>; Wed, 23 Apr 2008 07:29:00 -0700 (PDT)
Received: from huawei.com (usaga04-in [172.18.9.16]) by usaga04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0JZS00MT688HQD@usaga04-in.huawei.com> for dhcwg@ietf.org; Wed, 23 Apr 2008 09:29:05 -0500 (CDT)
Received: from xiayangsong ([10.124.12.53]) by usaga04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0JZS00BDT88EA2@usaga04-in.huawei.com> for dhcwg@ietf.org; Wed, 23 Apr 2008 09:29:05 -0500 (CDT)
Date: Wed, 23 Apr 2008 09:29:02 -0500
From: Frank Xia <xiayangsong@huawei.com>
To: Eric Levy-Abegnoli <elevyabe@cisco.com>
Message-id: <007701c8a54e$60f796d0$350c7c0a@china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-Priority: 3
X-MSMail-priority: Normal
References: <001401c89f1b$29e02d30$350c7c0a@china.huawei.com> <480E6B9E.4000702@cisco.com>
Cc: dhcwg@ietf.org
Subject: Re: [dhcwg] comments on draft-popoviciu-dhc-certificate-opt-01
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1225702044=="
Sender: dhcwg-bounces@ietf.org
Errors-To: dhcwg-bounces@ietf.org
Hi Eric Please see my inline response... BR Frank ----- Original Message ----- From: Eric Levy-Abegnoli To: Frank Xia Cc: dhcwg@ietf.org Sent: Tuesday, April 22, 2008 5:50 PM Subject: Re: [dhcwg] comments on draft-popoviciu-dhc-certificate-opt-01 Frank Xia a écrit : > Hi Folks > I had a quick look at the draft > http://tools.ietf.org/id/draft-popoviciu-dhc-certificate-opt-01.txt. > Here are some questions. > where does the delegating router get the certificate? > using manual configuration or using dymanic mechanism to get > the certificate from other entities? either way. This is outside the scope of this specification, and there exist a number of mechanisms to achieve that (SCEP, CMP,...) Frank=>I encourage you make it more detailed. I think it is better for people to understand the use case or background. You define a protocol, and the others probably dont know how to use it. > is it possible for the requesting router to retrieve the certificate > from a DHCP server rather than the delegating server? the delegating server and the DHCP server can be collapsed. It is just a special case of the more general case that we tried to cover Frank=>I can't get your point. I would like to reword my question. It is possible for the following scenario? A dedicated DHCP server stores a router's certificate, then the router get the certificate from the DHCP server. Eric > BR > Frank > ------------------------------------------------------------------------ > > _______________________________________________ > dhcwg mailing list > dhcwg@ietf.org > https://www.ietf.org/mailman/listinfo/dhcwg >
_______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] comments on draft-popoviciu-dhc-certifica… Frank Xia
- Re: [dhcwg] comments on draft-popoviciu-dhc-certi… Eric Levy-Abegnoli
- Re: [dhcwg] comments on draft-popoviciu-dhc-certi… Frank Xia