Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds: draft-ietf-mip6-auth-protocol-01.txt and draft-ietf-mip6-mn-ident-option-00.txt

Kent Leung <kleung@cisco.com> Thu, 16 December 2004 23:16 UTC

Date: Thu, 16 Dec 2004 15:04:21 -0800
To: Wing Cheong Lau <lau@qualcomm.com>
From: Kent Leung <kleung@cisco.com>
Subject: Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds: draft-ietf-mip6-auth-protocol-01.txt and draft-ietf-mip6-mn-ident-option-00.txt
Cc: mip6@ietf.org, James Kempf <kempf@docomolabs-usa.com>, Francis Dupont <Francis.Dupont@enst-bretagne.fr>, Basavaraj.Patil@nokia.com

Hi Wing.

This is a generic issue, lack of RADIUS AVPs to identify authentication
method to the AAA server.  This was also raised in MIP4 WG for
3012bis.  That draft is proceeding forth with admission to this fact.
There needs to be an I-D in RADEXT WG to deal with
this generic AAA issue.  We plan to submit an I-D there.

Kent

At 02:33 PM 12/16/2004 -0800, Wing Cheong Lau wrote:
>At 01:34 PM 12/16/2004, Kent Leung wrote:
>>Hi James.
>>
>>Acknowledged.  Unless there's disagreement, we'll replace MD5 context
>>with SHA-1 in the document.
>>
>>Thanks.
>>
>>Kent
>Dear Kent,
>
>Once you replace MD5 with SHA-1, will you be proposing corresponding
>extensions/changes to RADIUS and CHAP so that one can use RADIUS/CHAP to
>authenticate a BU using MN-AAA authentication option in your draft?
>(There is no mention of SHA-1 in RFC 2865 or RFC 1996 so far.)
>
>If not, how will the MN-AAA option interoperate with the AAA?
>
>Regards,
>
>Wing
>
>>At 05:41 PM 12/14/2004 -0800, James Kempf wrote:
>>> >  - another point: MD5 should be replaced by SHA-1 everywhere in the
>>> > document.
>>>
>>>Yes, this can't be emphasized strongly enough.
>>>
>>>Results by Xiaoyun Wang from China presented at Crypto in Santa Barbara this
>>>summer showed that with 1 hr of precomputation on IBM P690, new collisions on
>>>1024 bit messages could be generated every 15 sec. to 5 min. MD5 should be
>>>considered insecure and not used, and it should be EOL-ed in existing IETF
>>>protocols and replaced with SHA-1.
>>>
>>>SHA-1 appears to be secure after 40 rounds but has been broken up to 40 (it
>>>typically takes 80), which appears to be the limit possible with the current
>>>cryptanalysis technique. Whether it's possible to break SHA-1 completely,
>>>remains to be seen.
>>>
>>>                     jak
>>>
>>>
>>>
>>>_______________________________________________
>>>Mip6 mailing list
>>>Mip6@ietf.org
>>>https://www1.ietf.org/mailman/listinfo/mip6
>>
>>--
>>      |           |                   Kent Leung
>>     :|:         :|:                  IP Mobility Development
>>    :|||:       :|||:                 IOS Technologies Division
>>   :|||||||:   :|||||||:              Voice: 408.526.5030
>>.:|||||||||:.:|||||||||:.             Fax:   408.525.1653
>>  c i s c o S y s t e m s             Email: kleung@cisco.com
>>

--
      |           |                   Kent Leung
     :|:         :|:                  IP Mobility Development
    :|||:       :|||:                 IOS Technologies Division
   :|||||||:   :|||||||:              Voice: 408.526.5030
.:|||||||||:.:|||||||||:.             Fax:   408.525.1653
  c i s c o S y s t e m s             Email: kleung@cisco.com
