Re: Windows 2000 and Cicsco router interoperability
Paul Krumviede <paul@mci.net> Wed, 17 May 2000 18:46 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id LAA05449; Wed, 17 May 2000 11:46:42 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id NAA23690 Wed, 17 May 2000 13:44:50 -0400 (EDT)
Date: Wed, 17 May 2000 10:52:32 -0700
From: Paul Krumviede <paul@mci.net>
Subject: Re: Windows 2000 and Cicsco router interoperability
In-reply-to: <20000517062617.C3FB935DC2@smb.research.att.com>
To: "Steven M. Bellovin" <smb@research.att.com>, Jan Vilhuber <vilhuber@cisco.com>
Cc: Stephen Kent <kent@bbn.com>, "CHINNA N.R. PELLACURU" <pcn@cisco.com>, ipsec@lists.tislabs.com
Message-id: <783045522.958560752@sjo-dhcp0406.mcit.com>
MIME-version: 1.0
X-Mailer: Mulberry/2.0.0 (Win32)
Content-type: text/plain; format="flowed"; charset="us-ascii"
Content-disposition: inline
Content-transfer-encoding: 7bit
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
--On Wednesday, 17 May, 2000 02:26 -0400 "Steven M. Bellovin" <smb@research.att.com> wrote: > In message > <Pine.SOL.3.96.1000516215040.29630A-100000@jvilhube-ss20.cisco.com>, Jan > Vilhuber writes: >> On Tue, 16 May 2000, Stephen Kent wrote: >>> The "features that AAA provides?" AAA is a WG but there are no AAA >>> standards yet. In fact, the WG drafts so far focusing only on >>> requirements for the protocols that will be standardized, in the >>> future. So a reference to what "AAA provides" or to "customers who >>> are so fond of their AAA infrastructure" appears to be in the future, >>> optimistic tense. >>> >> That's patently false, I fear. What chinna is referring to is the >> interaction (well defined) of Radius Authentication, Authorization and >> accounting (generally referred to as AAA) and PPP (and I expect you >> knew all that). >> >> That the AAA group is back to the drawing board is not the issue. The >> "customers who are so fond of their AAA infrastructure" obviously >> refers to the radius infrastructure. While chinna could have been more >> precise, I always equate them in my mind as well. >> >> I can tell you from personal experience that people want to shoehorn >> EVERYTHING into radius. They'll want this here as well (I've already >> gotten multiple requests about this). I guarantee it'll happen (or your >> money back). > > "Back" to the drawing board? By intent of the IESG, they haven't left > it yet. Up until now, AAA has been focused on requirements. The > charter is at http://www.ietf.org/html.charters/aaa-charter.html; to > save you the trouble, the actions for this group are to generate > requirements, solicit candidate protocols, compare the candidates to > the requirements, and then decide if a new working group is needed to > finish development of the selected candidate. The primary requirements > drafts were only published in late April (i.e., > draft-irtf-aaaarch-generic-01.txt and > draft-irtf-aaaarch-authorization-reqs-01.txt). Please don't confuse the IRTF group, which produced the drafts Steve mentioned, and the IETF working group, which has a different set of drafts. Given that there was little input into the requirements process for things other than network access (e.g. dial-up and mobileIP), the scope of the evaluation is limited. > Yes, RADIUS -- or, more precisely, DIAMETER, which is a next-generation > version of RADIUS, in some ways -- is a strong contender. RADIUS per > se just doesn't cut it. It's also an architectural nightmare, and the > myriad requirements for new features are one reason that it's taken AAA > this long to reach even this point. > > RADIUS as it exists today is inadequate. A new protocol is needed, but > at a guess it's a year until it reaches Proposed Standard. And we have > yet to figure out precisely how it will deal with IPsec, IPSRA, L2TP, > etc. Suggestions on all of this would be welcomed. But the various working groups and the IESG would have to figure out where this fits. But we seem to be a long way away from IPsec itself in such discussions of AAA (whether the WG, the current infrastructure, or combinations of them). -paul
- Windows 2000 and Cicsco router interoperability Andrea Schiavoni
- RE: Windows 2000 and Cicsco router interoperabili… Patrick Ethier
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- RE: Windows 2000 and Cicsco router interoperabili… Khurram Salman-ASK004
- Re: Windows 2000 and Cicsco router interoperabili… Philippe Piemont
- Re: Windows 2000 and Cicsco router interoperabili… Jac Kloots
- R: Windows 2000 and Cicsco router interoperability Fabio Zamparelli
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- Re: Windows 2000 and Cicsco router interoperabili… Ben McCann
- Re: Windows 2000 and Cicsco router interoperabili… Dan Harkins
- Re: Windows 2000 and Cicsco router interoperabili… Ben McCann
- RE: Windows 2000 and Cicsco router interoperabili… Glen Zorn
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Ben McCann
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- RE: Windows 2000 and Cicsco router interoperabili… Michel de Koning
- RE: Windows 2000 and Cicsco router interoperabili… Paul Koning
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Will Price
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Shekhar Kshirsagar
- RE: Windows 2000 and Cicsco router interoperabili… Elzur, Uri
- RE: Windows 2000 and Cicsco router interoperabili… Mason, David
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… James M. Winebrenner
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… Steven M. Bellovin
- Re: Windows 2000 and Cicsco router interoperabili… Ari Huttunen
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- Re: Windows 2000 and Cicsco router interoperabili… Will Price
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- RE: Windows 2000 and Cicsco router interoperabili… Andrew Krywaniuk
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… akrywani
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- RE: Windows 2000 and Cicsco router interoperabili… Andrew Krywaniuk
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… Steven M. Bellovin
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- PPP over IPSec (Re: Windows 2000 and Cicsco route… Ari Huttunen
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Scott G. Kelly
- RE: Windows 2000 and Cicsco router interoperabili… Barney Wolff
- RE: Windows 2000 and Cicsco router interoperabili… Glen Zorn
- Re: Windows 2000 and Cicsco router interoperabili… Paul Krumviede
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- A Gentle Reminder.... Theodore Y. Ts'o
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Jan Vilhuber
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Jan Vilhuber
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Scott G. Kelly
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… CHINNA N.R. PELLACURU
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Skip Booth
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Scott G. Kelly
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Skip Booth
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… tcosenza
- RE: Windows 2000 and Cicsco router interoperabili… Rob Trace
- RE: Windows 2000 and Cicsco router interoperabili… Henry Spencer
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Glen Zorn
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly
- Re: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly