Re: [Int-area] DCHP-based authentication for DSL?
"Julien Bournelle" <julien.bournelle@gmail.com> Thu, 18 October 2007 15:08 UTC
Return-path: <int-area-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IiWzI-0001aX-GW; Thu, 18 Oct 2007 11:08:40 -0400
Received: from int-area by megatron.ietf.org with local (Exim 4.43) id 1IiWzH-0001YO-2z for int-area-confirm+ok@megatron.ietf.org; Thu, 18 Oct 2007 11:08:39 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IiWzG-0001YG-91 for int-area@ietf.org; Thu, 18 Oct 2007 11:08:38 -0400
Received: from wx-out-0506.google.com ([66.249.82.224]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IiWzA-0005Db-2e for int-area@ietf.org; Thu, 18 Oct 2007 11:08:38 -0400
Received: by wx-out-0506.google.com with SMTP id s8so170353wxc for <int-area@ietf.org>; Thu, 18 Oct 2007 08:08:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=so3gy6PEIjELQeMLMsv6rXFv0vsRzK1ebTkOv95GI5A=; b=V4EllmmcZTLAEyE3THWUe05gSiT8HQ5qlci0j7b18h398OXaNcAwUJsENCL8IkE6pcE0X7PnnRo6vUHO1wREx3Bh2owVEiwRVATPc9xJVwZjX3Cw8Qskz0limkeD4ujJ3fYpEHO817pJCrVTZQ2HKb06g2SpBnuqFcLUz0RCcM0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=eOXQIwWRcNWGQ8v2xdTVpyib4hH4bUduESFUUkq+YOBE5xkMatCjGR0dcbbRGZlYR2/VVCkCWF0bYmsZOvYWe9e9pfKXOQ81Nyo1aQa6chffAHrR3GEvbNo/7J+zMSAzRT5i6J/FlAsKHEsgTeW8GnsywNdTPnu5X58jJF+9wCo=
Received: by 10.70.108.18 with SMTP id g18mr1118934wxc.1192720086627; Thu, 18 Oct 2007 08:08:06 -0700 (PDT)
Received: by 10.70.12.17 with HTTP; Thu, 18 Oct 2007 08:08:06 -0700 (PDT)
Message-ID: <5e2406980710180808h51722483v6f521b6fa8112fb2@mail.gmail.com>
Date: Thu, 18 Oct 2007 17:08:06 +0200
From: Julien Bournelle <julien.bournelle@gmail.com>
To: int-area@ietf.org
Subject: Re: [Int-area] DCHP-based authentication for DSL?
In-Reply-To: <47054B77.8020708@piuha.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <47054B77.8020708@piuha.net>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 41c17b4b16d1eedaa8395c26e9a251c4
Cc:
X-BeenThere: int-area@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/int-area>
List-Post: <mailto:int-area@lists.ietf.org>
List-Help: <mailto:int-area-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@lists.ietf.org?subject=subscribe>
Errors-To: int-area-bounces@lists.ietf.org
Hi all, some years ago we proposed to add configuration data to the EAP protocol. This proposal had been rejected and one argument was that EAP protocol is an authentication protocol and not a configuration protocol and that the IETF configuration protocol is DHCP. Now, I have the impression that this the opposite, some want to add authentication mechanism in the IETF configuration protocol and I feel the argument is the same. As mentioned several time by alper, this is clearly stated in a IAB's draft, section 2.5 http://www.ietf.org/internet-drafts/draft-iab-ip-config-00.txt "Network access authentication is a distinct problem from Internet host configuration. Network access authentication is best handled independently of the configuration mechanisms in use for the Internet and higher layers." If people does not agree with the above statement, they should say so to IAB. Based on that, my opinion is that the IETF should not support DHCP-based authentication and should recommend use of PANA which has been defined at the IETF for network access authentication. Best Regards; Julien Bournelle On 10/4/07, Jari Arkko <jari.arkko@piuha.net> wrote: > > We talked about the DSL requirements earlier on this list. Now > they have sent us a liaison statement regarding what they would > like to do: > > "At this time, we would like to make the IETF aware that during > our most recent DSL Forum quarterly meeting, the Architecture > and Transport Working Group agreed to seriously consider adopting > a mechanism such as that proposed in draft-pruss-dhcp-auth-dsl-01.txt > or draft-zhao-dhc-user-authentication-02. We understand that the authors > of these specifications intend to produce a combined document soon. > The DSL Forum formally requests that the IETF adopt this as a work > item, and would appreciate being advised of progress as soon as possible. > > Our next quarterly meeting is December 10-13, in Lisbon, Portugal." > > > How do we feel about this? Is this a good idea, considering the DSL > architecture? How will it affect DHCP the protocol? How would > you go about making DHCP extensions so that they work best > for all possible environments and not just DSL? Is anyone > already working on the combined draft promised above? Are > there any other choices that we should recommend instead? > > I would like to hold the discussion on this in this list until > we've determined that the DHCP protocol is the right tool > for the job. If it is, we can recharter DHC WG again to add > the actual development work there. (DHC is right now > being rechartered but that recharting is mostly a cleanup > and not the addition of functionality to do this.) > > Jari > > > > _______________________________________________ > Int-area mailing list > Int-area@lists.ietf.org > https://www1.ietf.org/mailman/listinfo/int-area > _______________________________________________ Int-area mailing list Int-area@lists.ietf.org https://www1.ietf.org/mailman/listinfo/int-area
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- [Int-area] DCHP-based authentication for DSL? Jari Arkko
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- RE: [Int-area] DCHP-based authentication for DSL? Maglione Roberta
- Re: [Int-area] DCHP-based authentication for DSL? James Kempf
- RE: [Int-area] DCHP-based authentication for DSL? Pekka Savola
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- Re: [Int-area] DCHP-based authentication for DSL? Jari Arkko
- Re: [Int-area] DCHP-based authentication for DSL? Pekka Savola
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Jari Arkko
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Bernard Aboba
- RE: [Int-area] DCHP-based authentication for DSL? MORAND Lionel RD-CORE-ISS
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Jari Arkko
- Re: [Int-area] DCHP-based authentication for DSL? Jari Arkko
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Jari Arkko
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Bernard Aboba
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Stig Venaas
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? James Kempf
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Business considerations (Was: Re: [Int-area] DCHP… Jari Arkko
- Re: [Int-area] DCHP-based authentication for DSL? Jari Arkko
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- RE: [Int-area] DCHP-based authentication for DSL? Bernard Aboba
- Re: Business considerations (Was: Re: [Int-area] … James Kempf
- Re: Business considerations (Was: Re: [Int-area] … Jari Arkko
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Julien Bournelle
- Re: [Int-area] DCHP-based authentication for DSL? Bernard Aboba
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- Re: [Int-area] DCHP-based authentication for DSL? David R Oran
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- RE: [Int-area] DCHP-based authentication for DSL? Pekka Savola
- Re: [Int-area] DCHP-based authentication for DSL? Hannes Tschofenig
- Re: [Int-area] DCHP-based authentication for DSL? Julien Bournelle
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Wojciech Dec (wdec)
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Bernard Aboba
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Hannes Tschofenig
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Julien Bournelle
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- RE: [Int-area] DCHP-based authentication for DSL? Wojciech Dec (wdec)
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- RE: [Int-area] DCHP-based authentication for DSL? Wojciech Dec (wdec)
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Peter Arberg
- RE: [Int-area] DCHP-based authentication for DSL? Peter Arberg
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- RE: [Int-area] DCHP-based authentication for DSL? Bill Welch
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Stig Venaas
- RE: [Int-area] DCHP-based authentication for DSL? Bill Welch
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Hannes Tschofenig
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Stig Venaas
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- RE: [Int-area] DCHP-based authentication for DSL? Bill Welch
- Re: [Int-area] DCHP-based authentication for DSL? Hannes Tschofenig
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Hannes Tschofenig
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- Re: [Int-area] DCHP-based authentication for DSL? Bernard_Aboba
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Stig Venaas
- RE: [Int-area] DCHP-based authentication for DSL? Wojciech Dec (wdec)
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Bill Welch
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- RE: [Int-area] DCHP-based authentication for DSL? Wojciech Dec (wdec)
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- RE: [Int-area] DCHP-based authentication for DSL? Bernard Aboba
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [dhcwg] Re: [Int-area] DCHP-based authenticat… Richard Pruss
- Re: [dhcwg] Re: [Int-area] DCHP-based authenticat… Ted Lemon
- RE: [dhcwg] Re: [Int-area] DCHP-based authenticat… Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [dhcwg] Re: [Int-area] DCHP-based authenticat… Ted Lemon
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [dhcwg] Re: [Int-area] DCHP-based authenticat… Richard Pruss
- RE: [Int-area] DCHP-based authentication for DSL? Wojciech Dec (wdec)
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [dhcwg] Re: [Int-area] DCHP-based authenticat… Ted Lemon
- Re: [Int-area] DCHP-based authentication for DSL? Ted Lemon
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- Re: [Int-area] DCHP-based authentication for DSL? Bernard Aboba
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Ralph Droms
- Re: [Int-area] DCHP-based authentication for DSL? Ted Lemon
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- Re: [Int-area] DCHP-based authentication for DSL? Damic, Damjan
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- RE: [Int-area] DCHP-based authentication for DSL? Eric Voit (evoit)
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- RE: [Int-area] DCHP-based authentication for DSL? Templin, Fred L
- Re: [Int-area] DCHP-based authentication for DSL? Alan DeKok
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Richard Pruss
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- RE: [Int-area] DCHP-based authentication for DSL? Alper Yegin
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Iljitsch van Beijnum
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Mark Townsley
- Re: [Int-area] DCHP-based authentication for DSL? Yoshihiro Ohba
- Re: [Int-area] DCHP-based authentication for DSL? Jari Arkko
- RE: [Int-area] DCHP-based authentication for DSL? Avi Lior