Re: [Dime] [abfab] [radext] New Version Notification for draft-winter-radext-populating-eapidentity-00.txt

Sam Hartman <hartmans@painless-security.com> Tue, 18 February 2014 15:20 UTC

From: Sam Hartman <hartmans@painless-security.com>
To: Alan DeKok <aland@deployingradius.com>
References: <20140214084329.10393.78739.idtracker@ietfa.amsl.com> <52FDDD10.1050306@restena.lu> <52FFF22A.5010802@deployingradius.com> <5301D017.8060302@restena.lu> <5302105C.6070103@deployingradius.com>
Date: Tue, 18 Feb 2014 10:19:53 -0500
In-Reply-To: <5302105C.6070103@deployingradius.com> (Alan DeKok's message of "Mon, 17 Feb 2014 08:36:28 -0500")
Message-ID: <tsla9dobg86.fsf@mit.edu>
Archived-At: http://mailarchive.ietf.org/arch/msg/dime/lkDrafhsFfimfF51b6b-7h5rUYs
Cc: abfab@ietf.org, "dime@ietf.org" <dime@ietf.org>, "<emu@ietf.org>" <emu@ietf.org>, "radext@ietf.org" <radext@ietf.org>
Subject: Re: [Dime] [abfab] [radext] New Version Notification for draft-winter-radext-populating-eapidentity-00.txt

>>>>> "Alan" == Alan DeKok <aland@deployingradius.com> writes:


    Alan>   The idea was to allow *provisioning* of the
    Alan> Response/Identity.  Automatically deriving it from the
    Alan> method-specific "user identity" is just as bad as
    Alan> automatically using a 3GPP identity.

Unfortunately in contexts like ABFAB, you're only going to have one
username.
I appreciate that there are environments where you need a different
outer username, but I think we want to be moving towards anonymous outer
usernames derived from the realm, and I do not support a spec that would
make that more difficult.