IETF Logo Mail Archive

Re: [HOKEY] WGLC on draft-ietf-hokey-arch-design

Glen Zorn <glenzorn@gmail.com> Sun, 04 September 2011 08:57 UTC

Return-Path: <glenzorn@gmail.com>
X-Original-To: hokey@ietfa.amsl.com
Delivered-To: hokey@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BE0021F8549 for <hokey@ietfa.amsl.com>; Sun, 4 Sep 2011 01:57:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iSoDG7pAWvuJ for <hokey@ietfa.amsl.com>; Sun, 4 Sep 2011 01:57:16 -0700 (PDT)
Received: from mail-pz0-f45.google.com (mail-pz0-f45.google.com [209.85.210.45]) by ietfa.amsl.com (Postfix) with ESMTP id 7553F21F8515 for <hokey@ietf.org>; Sun, 4 Sep 2011 01:57:16 -0700 (PDT)
Received: by pzk33 with SMTP id 33so12781750pzk.18 for <hokey@ietf.org>; Sun, 04 Sep 2011 01:58:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=wnik5WmkNW5k0eeIurmrfQwLx+Bsl257bFz/VMeqxgc=; b=j7XOgDzzjHL2N5fPzhFNRWHW9gQxkmPL5p2awFgZR0uVvd5Sz/LdWYu1aFVHdKCHtC MvNQHMii/qvxOffg8zHwjqSoi7xmfwWySPwSfuPWlmzbGhGCrEMmkWg/OzPp24i8BIDy LbWo8rIy336tFLe1NmDZCenW3t3EYH9ZF55/A=
Received: by 10.68.1.198 with SMTP id 6mr2388712pbo.177.1315126737424; Sun, 04 Sep 2011 01:58:57 -0700 (PDT)
Received: from [192.168.1.98] (ppp-110-168-116-157.revip5.asianet.co.th. [110.168.116.157]) by mx.google.com with ESMTPS id f6sm12824717pbp.2.2011.09.04.01.58.53 (version=SSLv3 cipher=OTHER); Sun, 04 Sep 2011 01:58:55 -0700 (PDT)
Message-ID: <4E633DC9.9080608@gmail.com>
Date: Sun, 04 Sep 2011 15:58:49 +0700
From: Glen Zorn <glenzorn@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.1) Gecko/20110830 Thunderbird/6.0.1
MIME-Version: 1.0
To: Qin Wu <bill.wu@huawei.com>
References: <4E3A81CB.3070106@net-zen.net> <CAProHARuiSdSuNfDf3JWKPOkLxdvQLL2E-RKrbO_YKgjnfaAow@mail.gmail.com> <4E5F7109.6040907@gmail.com> <A7F85312C4F3414192BA49C44F61DD3F@china.huawei.com>
In-Reply-To: <A7F85312C4F3414192BA49C44F61DD3F@china.huawei.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: hokey@ietf.org
Subject: Re: [HOKEY] WGLC on draft-ietf-hokey-arch-design
X-BeenThere: hokey@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: HOKEY WG Mailing List <hokey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hokey>, <mailto:hokey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hokey>
List-Post: <mailto:hokey@ietf.org>
List-Help: <mailto:hokey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hokey>, <mailto:hokey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Sep 2011 08:57:17 -0000

On 9/2/2011 8:59 AM, Qin Wu wrote:

>> On 8/10/2011 10:38 AM, Zhen Cao wrote:
>>> I have read the latest (draft-ietf-hokey-arch-design) version of this
>>> draft and think it is ready for publication. However I have some
>>> additional comments to this draft below:
>>> Section 1, It said
>>> "
>>> whereas in AAK the client interacts with the AAA to discover and
>>> connect to CAPs.
>>> "
>>> [Z]: How to understand "discover"? It seems for AAK, there are
>>> potentially two possible cases.
>>> case 1: the client has already discovered a list of CAPs and negotiate
>>> with the AAA to choose one appropriate CAP from the CAPs list.
>>> case 2: the client only knows a layer-2 identifier as index and then
>>> the client use index to lookup appropirate CAP by interacting with the
>>> AAA. which case is correct?
> 
> [Qin]: My understanding is ,in AAK, SAP is capable of discovering CAPs 
> and is not necessary to rely on client based CAP discovery.

Actually, I think that CAP discovery is completely out of the scope of
hokey; what might be in scope would be the nature of the data that is
obtained as a result of discovery (name, address, etc.) but that may not
belong in this document.

...

>>> Section 3.1.2 "Minimized User Interaction for authorization"
>>> [Z]: This section seems redundant since the previous section has
>>> already cover this case. 
>>
>> Is that really so, though?  Minimizing the communication with home
>> servers doesn't seem to imply minimizing user interaction to me, but
>> maybe I'm wrong.
> 
> [Qin]: You are not wrong, one use case is in AAK, SAP communicate with the client on one side,
> while SAP interaction with the AAA on the other side. With this case, we can
> see minimizing the SAP communcation with the home servers does not means minimizing user interaction
> between the SAP and the client.
> I remember in the meeting, it is suggested to change 
> "Minimized User Interaction for authorization"
> into
> "Minimized User Interaction for authentication"

Yes, that's been fixed in the newest version, I think.

>>> Suggest to merge section 3.1.2 into section
>>> 3.1.1 or just delete the section 3.1.2.
>>>
>>> Section 6:
>>> [Z]:In Quebec meeting, the case where multiple servers are located in
>>> the same domain has been
>>> well discussed. I am thinking if this case should be taken into
>>> account in this section or leave
>>> this case out of scope of hokey architecture?
>>
>> I was going to suggest putting it into the AAA considerations section
>> but their doesn't seem to be one ;-).
> 
> [Qin]: I thought multiple servers cases is relevant to ERP and should be 
> discussed in RFC5296bis document. It is not good to discuss the same issue
> in both two documents. Am I wrong?

I tend to agree with you.

...

v2.8.7 | Report a Bug | By Email