Re: [HOKEY] ERX-12 -- Please review changes

Yoshihiro Ohba <yohba@tari.toshiba.com> Tue, 26 February 2008 05:46 UTC

Date: Tue, 26 Feb 2008 00:42:42 -0500
From: Yoshihiro Ohba <yohba@tari.toshiba.com>
To: Lakshminath Dondeti <ldondeti@qualcomm.com>
Cc: Bernard Aboba <bernard_aboba@hotmail.com>, Sam Hartman <hartmans-ietf@mit.edu>, hokey@ietf.org

On Mon, Feb 25, 2008 at 08:32:17PM -0800, Lakshminath Dondeti wrote:
> On 2/25/2008 7:26 PM, Yoshihiro Ohba wrote:
>> Roundtrips between EAP peer and EAP authenticator on the access link
>> are not a major part of signaling latency compared to AAA roundtrips.  I
>> have not heard a complaint on 802.11i 4-way handshake latency.
>
> Consider that not to be the case any more.  I am complaining. :)  More  
> seriously, handover latency of 10-20ms is a target in some networks.

I have not heard of a 10-20ms handover latency requirement.  If we
assume there is such a requirement, then neither ERX nor EAP-KDE will
satisfy the requirement because one AAA roundtrip can be even more
than 20ms even with local AAA servers.  Note that pre-authentication
can eliminate such a post-handover AAA roundtrip.

Yoshihiro Ohba


>
> If there is a sufficient budget for handover, we probably need to do  
> nothing for reauthentication.
>
> regards,
> Lakshminath
>
>>
>> Although it would be a nice thing to reduce any kind of roundtrips as
>> much as possible, I am not sure, after reading the IETF Last Call
>> comments, people outside the HOKEY WG seem to wonder if the expected
>> benefit for more optimization with ERX pays to its deployment cost
>> especially for existing lower-layers.  This is my main motivation to
>> come up with EAP-KDE method.
>>
>> Yoshihiro Ohba
>>
>> On Mon, Feb 25, 2008 at 05:31:08PM -0800, Lakshminath Dondeti wrote:
>>> Hi Bernard,
>>>
>>> I have reviewed draft-ohba-eap-kde-01 before and it does not meet 
>>> fast reauthentication goals.  Please see below:
>>>
>>> On 2/25/2008 3:24 PM, Bernard Aboba wrote:
>>>> [BA] I've recently seen a draft (from Yoshi, submitted today) that seems
>>>> to provide similar functionality with no changes to RFC 3748.  Although
>>>> I haven't reviewed the document in depth, it did seem to provide
>>>> method-independent re-authentication without multiple round-trips
>>>> (at least for case of a local ERX server, which is the most important
>>>> one from a performance point of view). 
>>> The number of roundtrips on the access link is 3, if we take 
>>> connection open or an equivalent into account.  With ERP, the peer 
>>> can start sending authenticated data after 1 RT.
>>>
>>>> This document will probably be discussed in IEEE 802, which could adopt
>>>> it as their approach to EAP re-authentication going forward.
>>> In other access technologies, the handover latency requirements are 
>>> more stringent and they have already adopted ERP and are waiting for 
>>> publication of the ERP RFC.  Without further optimizations, 802.11 
>>> with 3 RTs or more for connection setup and EAP-KDE and 2 more for 
>>> the 4-way exchange has little to no hope of really achieving low 
>>> handover latency.
>>>
>>> That model does not fit for voice call continuity.
>>>
>>> regards,
>>> Lakshminath
>>>
>>>> If possible, it would be good to have a single standard for this, as opposed
>>>> to multiple competing ones.
>>> _______________________________________________
>>> HOKEY mailing list
>>> HOKEY@ietf.org
>>> http://www.ietf.org/mailman/listinfo/hokey
>>>
>>>
>>
>