Re: [HOKEY] draft-gaonkar-radext-erp-attrs-03
"Glen Zorn" <glenzorn@comcast.net> Thu, 13 March 2008 17:38 UTC
Return-Path: <hokey-bounces@ietf.org>
X-Original-To: ietfarch-hokey-archive@core3.amsl.com
Delivered-To: ietfarch-hokey-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E7CAC3A6E48; Thu, 13 Mar 2008 10:38:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.053
X-Spam-Level:
X-Spam-Status: No, score=-100.053 tagged_above=-999 required=5 tests=[AWL=-0.216, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, J_CHICKENPOX_23=0.6, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lYlcrvcVOAIy; Thu, 13 Mar 2008 10:38:32 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7CAA53A6BD5; Thu, 13 Mar 2008 10:38:32 -0700 (PDT)
X-Original-To: hokey@core3.amsl.com
Delivered-To: hokey@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C217D3A6BCB for <hokey@core3.amsl.com>; Wed, 12 Mar 2008 15:15:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DCDmNcetE4nu for <hokey@core3.amsl.com>; Wed, 12 Mar 2008 15:15:27 -0700 (PDT)
Received: from QMTA06.westchester.pa.mail.comcast.net (qmta06.westchester.pa.mail.comcast.net [76.96.62.56]) by core3.amsl.com (Postfix) with ESMTP id D579F3A6BB1 for <hokey@ietf.org>; Wed, 12 Mar 2008 15:15:26 -0700 (PDT)
Received: from OMTA09.westchester.pa.mail.comcast.net ([76.96.62.20]) by QMTA06.westchester.pa.mail.comcast.net with comcast id 0EAR1Z0050SCNGk560dr00; Wed, 12 Mar 2008 22:12:20 +0000
Received: from gzornt61 ([66.240.35.66]) by OMTA09.westchester.pa.mail.comcast.net with comcast id 0NBy1Z00K1RdGY23V00000; Wed, 12 Mar 2008 22:13:05 +0000
X-Authority-Analysis: v=1.0 c=1 a=48vgC7mUAAAA:8 a=RcdP1FOIdUOGiEtz94AA:9 a=OM6TqjiWmYeeGjqLCl5Vp3OCh54A:4 a=-utQw5L2n1AA:10 a=oltf0pfCdT4A:10
From: Glen Zorn <glenzorn@comcast.net>
To: "'David B. Nelson'" <dnelson@elbrysnetworks.com>, 'Lakshminath Dondeti' <ldondeti@qualcomm.com>
References: <003601c88386$d06b7a20$091716ac@xpsuperdvd2> <47D69F03.3030800@qualcomm.com> <002401c88487$99e12660$091716ac@xpsuperdvd2>
Date: Wed, 12 Mar 2008 18:11:51 -0400
Message-ID: <001101c8848e$2e04ad20$2d01f00a@arubanetworks.com>
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
In-Reply-To: <002401c88487$99e12660$091716ac@xpsuperdvd2>
Thread-Index: AciDiPPZHcUdU+98TbC66jCoRaIFogA/V3JQAAGwtqA=
X-Mailman-Approved-At: Thu, 13 Mar 2008 10:38:30 -0700
Cc: Bernard_Aboba@hotmail.com, hokey@ietf.org
Subject: Re: [HOKEY] draft-gaonkar-radext-erp-attrs-03
X-BeenThere: hokey@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: HOKEY WG Mailing List <hokey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hokey>, <mailto:hokey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/hokey>
List-Post: <mailto:hokey@ietf.org>
List-Help: <mailto:hokey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hokey>, <mailto:hokey-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: hokey-bounces@ietf.org
Errors-To: hokey-bounces@ietf.org
David B. Nelson <mailto:dnelson@elbrysnetworks.com> scribbled on Wednesday, March 12, 2008 5:26 PM: > Hi Lakshminath, > >> Thanks. I can followup with a presentation to the RADEXT WG. >> >> The plan was to present a variation of that work, based on Glen's >> long standing work in the area at the HOKEY meeting. Charles wants >> to consider the item as a HOKEY WG item. I am cc'ing him so he can >> clarify any misunderstanding on my part. >> >> I can come by the RADEXT meeting and try and address the issues >> raised. Please let me know how much time I will have. > > 9:50 - 10:00 AM RADIUS support for EAP Re-authentication > (Lakshminath Dondeti) > http://www.ietf.org/internet-drafts/draft-gaonkar-radext-erp-at > trs-03.txt > > Based on the decisions in HOKEY this morning, do you want to > change the focus of the presentation? > > If I understand the direction in HOKEY, there will be an > un-encrypted RADIUS Key Container Attribute defined for use in > HOKEY, within a HOKEY draft. I'm not at all sure that that is a good idea -- it seems to assume the usage of an external-to-RADIUS protection method (DTLS, IPsec, etc.) & preclude the usage of RADIUS-based protection (e.g., key wrap). Surely you don't imagine that we will revisit this issue once radext makes up its collective mind? > RADEXT will continue to pursue Crypto-Agility for > cryptographic protection on *any* attribute through a merger > of two of Glen's drafts (Key Wrap and Encrypted Attributes). > Other RADIUS protection options are RADIUS over DTLS, RADSEC > and RADIUS over IPsec. Actually, only RADIUS over DTLS really qualifies, I think: IPsec is inappropriate for a couple of reasons & RADSEC isn't RADIUS (though it does qualify as AAA). > > Regards, > > Dave _______________________________________________ HOKEY mailing list HOKEY@ietf.org https://www.ietf.org/mailman/listinfo/hokey
- Re: [HOKEY] draft-gaonkar-radext-erp-attrs-03 Glen Zorn
- Re: [HOKEY] draft-gaonkar-radext-erp-attrs-03 David B. Nelson
- Re: [HOKEY] draft-gaonkar-radext-erp-attrs-03 David B. Nelson
- Re: [HOKEY] draft-gaonkar-radext-erp-attrs-03 Bernard Aboba
- Re: [HOKEY] draft-gaonkar-radext-erp-attrs-03 Glen Zorn