Re: Windows 2000 and Cicsco router interoperability
"Steven M. Bellovin" <smb@research.att.com> Wed, 17 May 2000 07:29 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id AAA06569; Wed, 17 May 2000 00:29:28 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id CAA18221 Wed, 17 May 2000 02:19:04 -0400 (EDT)
X-Mailer: exmh version 2.1.1 10/15/1999
From: "Steven M. Bellovin" <smb@research.att.com>
To: Jan Vilhuber <vilhuber@cisco.com>
Cc: Stephen Kent <kent@bbn.com>, "CHINNA N.R. PELLACURU" <pcn@cisco.com>, ipsec@lists.tislabs.com
Subject: Re: Windows 2000 and Cicsco router interoperability
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Wed, 17 May 2000 02:26:13 -0400
Message-Id: <20000517062617.C3FB935DC2@smb.research.att.com>
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
In message <Pine.SOL.3.96.1000516215040.29630A-100000@jvilhube-ss20.cisco.com>, Jan Vilhuber writes: >On Tue, 16 May 2000, Stephen Kent wrote: >> The "features that AAA provides?" AAA is a WG but there are no AAA >> standards yet. In fact, the WG drafts so far focusing only on >> requirements for the protocols that will be standardized, in the >> future. So a reference to what "AAA provides" or to "customers who >> are so fond of their AAA infrastructure" appears to be in the future, >> optimistic tense. >> >That's patently false, I fear. What chinna is referring to is the interaction >(well defined) of Radius Authentication, Authorization and accounting >(generally referred to as AAA) and PPP (and I expect you knew all that). > >That the AAA group is back to the drawing board is not the issue. The >"customers who are so fond of their AAA infrastructure" obviously refers to >the radius infrastructure. While chinna could have been more precise, I >always equate them in my mind as well. > >I can tell you from personal experience that people want to shoehorn >EVERYTHING into radius. They'll want this here as well (I've already gotten >multiple requests about this). I guarantee it'll happen (or your money back). "Back" to the drawing board? By intent of the IESG, they haven't left it yet. Up until now, AAA has been focused on requirements. The charter is at http://www.ietf.org/html.charters/aaa-charter.html; to save you the trouble, the actions for this group are to generate requirements, solicit candidate protocols, compare the candidates to the requirements, and then decide if a new working group is needed to finish development of the selected candidate. The primary requirements drafts were only published in late April (i.e., draft-irtf-aaaarch-generic-01.txt and draft-irtf-aaaarch-authorization-reqs-01.txt). Yes, RADIUS -- or, more precisely, DIAMETER, which is a next-generation version of RADIUS, in some ways -- is a strong contender. RADIUS per se just doesn't cut it. It's also an architectural nightmare, and the myriad requirements for new features are one reason that it's taken AAA this long to reach even this point. RADIUS as it exists today is inadequate. A new protocol is needed, but at a guess it's a year until it reaches Proposed Standard. And we have yet to figure out precisely how it will deal with IPsec, IPSRA, L2TP, etc. --Steve Bellovin
- Windows 2000 and Cicsco router interoperability Andrea Schiavoni
- RE: Windows 2000 and Cicsco router interoperabili… Patrick Ethier
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- RE: Windows 2000 and Cicsco router interoperabili… Khurram Salman-ASK004
- Re: Windows 2000 and Cicsco router interoperabili… Philippe Piemont
- Re: Windows 2000 and Cicsco router interoperabili… Jac Kloots
- R: Windows 2000 and Cicsco router interoperability Fabio Zamparelli
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- Re: Windows 2000 and Cicsco router interoperabili… Ben McCann
- Re: Windows 2000 and Cicsco router interoperabili… Dan Harkins
- Re: Windows 2000 and Cicsco router interoperabili… Ben McCann
- RE: Windows 2000 and Cicsco router interoperabili… Glen Zorn
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Ben McCann
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- RE: Windows 2000 and Cicsco router interoperabili… Michel de Koning
- RE: Windows 2000 and Cicsco router interoperabili… Paul Koning
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Will Price
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Shekhar Kshirsagar
- RE: Windows 2000 and Cicsco router interoperabili… Elzur, Uri
- RE: Windows 2000 and Cicsco router interoperabili… Mason, David
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… James M. Winebrenner
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… Steven M. Bellovin
- Re: Windows 2000 and Cicsco router interoperabili… Ari Huttunen
- RE: Windows 2000 and Cicsco router interoperabili… Waters, Stephen
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- Re: Windows 2000 and Cicsco router interoperabili… Will Price
- Re: Windows 2000 and Cicsco router interoperabili… Mike Carney
- RE: Windows 2000 and Cicsco router interoperabili… Andrew Krywaniuk
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… akrywani
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- RE: Windows 2000 and Cicsco router interoperabili… Andrew Krywaniuk
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- Re: Windows 2000 and Cicsco router interoperabili… Steven M. Bellovin
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- PPP over IPSec (Re: Windows 2000 and Cicsco route… Ari Huttunen
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: Windows 2000 and Cicsco router interoperabili… W. Mark Townsley
- RE: Windows 2000 and Cicsco router interoperabili… Chris Trobridge
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Scott G. Kelly
- RE: Windows 2000 and Cicsco router interoperabili… Barney Wolff
- RE: Windows 2000 and Cicsco router interoperabili… Glen Zorn
- Re: Windows 2000 and Cicsco router interoperabili… Paul Krumviede
- RE: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- A Gentle Reminder.... Theodore Y. Ts'o
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Jan Vilhuber
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Jan Vilhuber
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Scott G. Kelly
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… CHINNA N.R. PELLACURU
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Skip Booth
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Scott G. Kelly
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Skip Booth
- Re: PPP over IPSec (Re: Windows 2000 and Cicsco r… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… tcosenza
- RE: Windows 2000 and Cicsco router interoperabili… Rob Trace
- RE: Windows 2000 and Cicsco router interoperabili… Henry Spencer
- RE: Windows 2000 and Cicsco router interoperabili… Stephen Kent
- RE: Windows 2000 and Cicsco router interoperabili… Glen Zorn
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly
- Re: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… Jan Vilhuber
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly
- Re: Windows 2000 and Cicsco router interoperabili… CHINNA N.R. PELLACURU
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly
- Re: Windows 2000 and Cicsco router interoperabili… Scott G. Kelly