Re: [Emu] server unauthenticated provisioning mode

Glen Zorn <glenzorn@gmail.com> Fri, 26 August 2011 06:26 UTC

On 8/26/2011 1:13 PM, Dan Harkins wrote:
> 
> 
> On Thu, August 25, 2011 10:32 pm, Glen Zorn wrote:
>> On 8/26/2011 4:22 AM, Dan Harkins wrote:
>>
>>>> 3) I think MSCHAPv2 is an entirely inappropriate MTI for this
>>>> mechanism. I brought that up as an example about how under certain
>>>> conditions the fact that something is the kind of thing the IETF
>>>> standardizes but is nevertheless informational should not block a
>>>> downward reference. I was attempting to explain my thinking on the
>>>> process issue to you, not to suggest MSCHAPv2 for this document.
>>>> Apparently I failed to explain my thinking on the process issue.
>>>
>>>   I completely missed that. Sorry. But if the IETF standardized a
>>> wholly inappropriate protocol like MSCHAPv2 (it doesn't even generate a
>>> shared key)
>>
>> Please check your sources & refrain from spouting nonsense; if EAP-pwd
>> is really so wonderful you shouldn't need to disparage other work, it
>> should stand on its own merit.
> 
>   I stand corrected. That must be why draft-zorn-emu-team proposed using
> MSCHAPv2. Oh wait, it didn't. It proposed using EAP-pwd.

& this has a relation to your misrepresentation how?

> 
>>> then I really don't understand your opposition to EAP-pwd.
>>> MSCHAPv2 became widespread solely due to Windows.
>>
>> Hardly.  The fact that the IETF was busy a) insisting that there was no,
>> and never would be, any need for dynamic key generation (let alone
>> mutual authentication) in network access protocols (specifically PPP;
>> how could there be, since the only appropriate usage of PPP was to
>> connect two routers which can easily be configured with telnet) and b)
>> waiting with bated breath for the magical genesis of the universal PKI
>> (which would happen because IPsec required it & that hamstrung niche
>> protocol was so wonderful that the world would change to satisfy its
>> requirements) certainly had a lot to do with it.  MS-CHAPv2 succeeded
>> because it satisfied a need that the IETF was simultaneously too
>> ignorant and arrogant to see.
> 
>   That's great Glen. You accuse me of disparaging other work and then
> you go and disparage other work. "Do as I say and not as I do". OK,
> I promise.

Actually, Dan, I disparaged the _lack_ of work (in PPP) and the
unrealistic expectations of the "leaders" (in IPsec).  IPsec need not
have been hamstrung by an unrealistic dependency upon PKI and needn't
have been turned into a niche protocol either.