Re: [Dime] FW: [Editorial Errata Reported] RFC4072 (2317)
Souheil Ben Ayed <souheil@tera.ics.keio.ac.jp> Fri, 02 July 2010 08:56 UTC
Date: Fri, 02 Jul 2010 17:50:53 +0900
From: Souheil Ben Ayed <souheil@tera.ics.keio.ac.jp>
To: Glen Zorn <gwz@net-zen.net>
Cc: dime@ietf.org

Glen Zorn wrote:
> Souheil Ben Ayed [mailto:souheil@tera.ics.keio.ac.jp] writes:
>
> > Dear all,
> >
> > Please read the section "2.7. Accounting" of the RFC 4072.
> > In this section, it is described that one or more
> > Accounting-EAP-Auth-Method AVPs may be added in a Diameter-EAP-Answer
> > with a successful result code.
> >
> > So what is correct?
> > - Allow adding one or more Accounting-EAP-Auth-Method AVPs?
> > - or only one Accounting-EAP-Auth-Method AVP can be included in a
> >   Diameter-EAP-Answer?
>
> The latter, I think.

When only one Accounting-EAP-Auth-Method AVP is included in a Diameter-EAP-Answer, which EAP method will be included in this AVP in the case of an authentication with EAP-TTLS/EAP-MD5, EAP-TTLS/EAP-TLS or any other EAP method that creates a tunnel then authenticates the user with a second EAP method? Should we include only the first used EAP method (in this case EAP-TTLS Type 21), or the second EAP method used for the authentication?

Souheil

> > Souheil
> >
> > Glen Zorn wrote:
> > > Dan Romascanu [mailto://dromasca@avaya.com] writes:
> > >
> > > > Dime WG,
> > > >
> > > > Please assess this errata report.
> > > >
> > > > If I understand well then Souheil's observation is that more
> > > > Accounting-EAP-Auth-Method AVPs can be included. This seems more like a
> > > > Technical errata, which if accepted can create interoperability problems
> > > > with existing deployment. Am I correct?
> > >
> > > I think that your understanding is correct, but the errata makes no sense to
> > > me: AFAIK, only one EAP method can be used in authenticating a user (EAP
> > > methods cannot be chained) & even if they could (as proposed for the new
> > > tunneled EAP method under development in EMU), the structure of the Diameter
> > > EAP app mirrors that of EAP (request/response). Two EAP methods cannot be
> > > operational simultaneously, so why would two method identifiers need to be
> > > in the same Diameter message?
> > >
> > > > Thanks and Regards,
> > > >
> > > > Dan
> > > >
> > > > -----Original Message-----
> > > > From: RFC Errata System [mailto:rfc-editor@rfc-editor.org]
> > > > Sent: Thursday, July 01, 2010 7:31 AM
> > > > To: pasi.eronen@nokia.com; tomhiller@lucent.com; gwz@cisco.com;
> > > > Romascanu, Dan (Dan); rbonica@juniper.net; Bernard_Aboba@hotmail.com;
> > > > david@mitton.com; john.loughney@nokia.com
> > > > Cc: souheil.benayed@gmail.com; rfc-editor@rfc-editor.org
> > > > Subject: [Editorial Errata Reported] RFC4072 (2317)
> > > >
> > > > The following errata report has been submitted for RFC4072, "Diameter
> > > > Extensible Authentication Protocol (EAP) Application".
> > > >
> > > > --------------------------------------
> > > > You may review the report below and at:
> > > > http://www.rfc-editor.org/errata_search.php?rfc=4072&eid=2317
> > > >
> > > > --------------------------------------
> > > > Type: Editorial
> > > > Reported by: Souheil Ben Ayed <souheil.benayed@gmail.com>
> > > >
> > > > Section: 3.2.
> > > >
> > > > Original Text
> > > > -------------
> > > > <Diameter-EAP-Answer> ::= < Diameter Header: 268, PXY >
> > > >                           < Session-Id >
> > > >                           { Auth-Application-Id }
> > > >                           { Auth-Request-Type }
> > > >                           { Result-Code }
> > > >                           { Origin-Host }
> > > >                           { Origin-Realm }
> > > >                           [ User-Name ]
> > > >                           [ EAP-Payload ]
> > > >                           [ EAP-Reissued-Payload ]
> > > >                           [ EAP-Master-Session-Key ]
> > > >                           [ EAP-Key-Name ]
> > > >                           [ Multi-Round-Time-Out ]
> > > >                           [ Accounting-EAP-Auth-Method ]
> > > >                           [ Service-Type ]
> > > >
> > > > Corrected Text
> > > > --------------
> > > > <Diameter-EAP-Answer> ::= < Diameter Header: 268, PXY >
> > > >                           < Session-Id >
> > > >                           { Auth-Application-Id }
> > > >                           { Auth-Request-Type }
> > > >                           { Result-Code }
> > > >                           { Origin-Host }
> > > >                           { Origin-Realm }
> > > >                           [ User-Name ]
> > > >                           [ EAP-Payload ]
> > > >                           [ EAP-Reissued-Payload ]
> > > >                           [ EAP-Master-Session-Key ]
> > > >                           [ EAP-Key-Name ]
> > > >                           [ Multi-Round-Time-Out ]
> > > >                         * [ Accounting-EAP-Auth-Method ]
> > > >                           [ Service-Type ]
> > > >
> > > > Notes
> > > > -----
> > > > When one or more EAP methods used for authenticating the user, for each
> > > > used EAP method an Accounting-EAP-Auth-Method AVP is added in the
> > > > Diameter-EAP-Answer with a successful result code. In the message format
> > > > of Diameter-EAP-Answer, one or more Accounting-EAP-Auth-Method AVPs can
> > > > be included.
> > > >
> > > > Instructions:
> > > > -------------
> > > > This errata is currently posted as "Reported". If necessary, please use
> > > > "Reply All" to discuss whether it should be verified or rejected. When a
> > > > decision is reached, the verifying party (IESG) can log in to change the
> > > > status and edit the report, if necessary.
> > > >
> > > > --------------------------------------
> > > > RFC4072 (draft-ietf-aaa-eap-10)
> > > > --------------------------------------
> > > > Title            : Diameter Extensible Authentication Protocol (EAP) Application
> > > > Publication Date : August 2005
> > > > Author(s)        : P. Eronen, Ed., T. Hiller, G. Zorn
> > > > Category         : PROPOSED STANDARD
> > > > Source           : Authentication, Authorization and Accounting
> > > > Area             : Operations and Management
> > > > Stream           : IETF
> > > > Verifying Party  : IESG
> > > > _______________________________________________
> > > > DiME mailing list
> > > > DiME@ietf.org
> > > > https://www.ietf.org/mailman/listinfo/dime
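
The cardinality question in this thread, as an added example that is not part of the original message or of RFC 4072: a small AVP walker that counts Accounting-EAP-Auth-Method AVPs and applies either the published `[ ... ]` form or the erratum's `* [ ... ]` form. Assumptions: the AVP codes (465 from RFC 4072, 268 from RFC 3588), the EAP type 4 for MD5-Challenge, and the sample bytes, which are constructed here; function names are hypothetical.

```python
import struct

ACCT_EAP_AUTH_METHOD = 465  # Accounting-EAP-Auth-Method, Unsigned64 (assumed from RFC 4072)
RESULT_CODE = 268           # Result-Code, Unsigned32 (assumed from RFC 3588)

def encode_avp(code, data, flags=0):
    """Encode one AVP without Vendor-ID; flag bits are not the point here."""
    length = 8 + len(data)  # header + data, padding excluded
    return (struct.pack("!IB", code, flags) + length.to_bytes(3, "big")
            + data + b"\x00" * ((-length) % 4))

def parse_avps(buf):
    """Yield (code, data) per AVP, rejecting lengths that leave the buffer."""
    off = 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header")
        code, flags = struct.unpack_from("!IB", buf, off)
        length = int.from_bytes(buf[off + 5:off + 8], "big")
        hdr = 12 if flags & 0x80 else 8  # V bit adds a 4-byte Vendor-ID
        if length < hdr or off + length > len(buf):
            raise ValueError("AVP length out of bounds")
        yield code, buf[off + hdr:off + length]
        off += length + (-length) % 4  # skip padding to the 32-bit boundary

def acct_eap_methods(buf):
    """Return the EAP type numbers found in Accounting-EAP-Auth-Method AVPs."""
    out = []
    for code, data in parse_avps(buf):
        if code == ACCT_EAP_AUTH_METHOD:
            if len(data) != 8:
                raise ValueError("Accounting-EAP-Auth-Method must be 8 bytes")
            out.append(struct.unpack("!Q", data)[0])
    return out

def check_cardinality(buf, allow_multiple):
    """allow_multiple=False: published grammar; True: the erratum's '*' form."""
    methods = acct_eap_methods(buf)
    return allow_multiple or len(methods) <= 1, methods

# Constructed sample: AVP section of a successful answer after EAP-TTLS (21) / EAP-MD5 (4).
SAMPLE = (encode_avp(RESULT_CODE, struct.pack("!I", 2001))
          + encode_avp(ACCT_EAP_AUTH_METHOD, struct.pack("!Q", 21))
          + encode_avp(ACCT_EAP_AUTH_METHOD, struct.pack("!Q", 4)))

if __name__ == "__main__":
    print("published grammar:", check_cardinality(SAMPLE, False))
    print("erratum grammar:  ", check_cardinality(SAMPLE, True))
```

A receiver that enforces the published grammar rejects the same bytes that a sender following the erratum would emit, which is the interoperability concern raised in the quoted discussion.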