Re: [Nea] Congrats on Job Well Done
Andreas Steffen <andreas.steffen@strongswan.org> Mon, 12 May 2014 12:55 UTC
Return-Path: <andreas.steffen@strongswan.org>
X-Original-To: nea@ietfa.amsl.com
Delivered-To: nea@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 447491A0694 for <nea@ietfa.amsl.com>; Mon, 12 May 2014 05:55:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.955
X-Spam-Level:
X-Spam-Status: No, score=0.955 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.793] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EThLQQwF6YZj for <nea@ietfa.amsl.com>; Mon, 12 May 2014 05:55:41 -0700 (PDT)
Received: from mail.strongswan.org (unknown [152.96.80.46]) by ietfa.amsl.com (Postfix) with ESMTP id 513981A068E for <nea@ietf.org>; Mon, 12 May 2014 05:55:41 -0700 (PDT)
Received: from [152.96.15.58] (unknown [152.96.15.58]) by mail.strongswan.org (Postfix) with ESMTPSA id 8A58C40541; Mon, 12 May 2014 14:55:27 +0200 (CEST)
Message-ID: <5370C4C4.9050909@strongswan.org>
Date: Mon, 12 May 2014 14:55:32 +0200
From: Andreas Steffen <andreas.steffen@strongswan.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Steve Hanna <steve@hannas.com>, Joe Klein <jsklein@gmail.com>
References: <20140508061524.81DEC180095@rfc-editor.org> <536CEFFA.40509@hannas.com> <536CFB32.7010704@earthlink.net> <536D35C1.10303@hannas.com> <CAP032Tsc50jdnzqrWQtckSbVrqW4hgedd_+jOmNAfWo47yrYBA@mail.gmail.com> <536D3F1B.1070005@hannas.com>
In-Reply-To: <536D3F1B.1070005@hannas.com>
X-Enigmail-Version: 1.5.2
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms010604010106050004060605"
Archived-At: http://mailarchive.ietf.org/arch/msg/nea/aWlqXNZ5VTZnrsfboNyjQM1ya4U
Cc: nea@ietf.org
Subject: Re: [Nea] Congrats on Job Well Done
X-BeenThere: nea@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Network Endpoint Assessment discussion list <nea.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nea>, <mailto:nea-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nea/>
List-Post: <mailto:nea@ietf.org>
List-Help: <mailto:nea-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nea>, <mailto:nea-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 May 2014 12:55:43 -0000
Hi, a strongSwan developers release is available which implements the RFC 7171 PT-EAP transport protocol: http://download.strongswan.org/strongswan-5.2.0dr3.tar.bz2 As the outer EAP tunnel method protecting the PT-EAP protocol EAP-TTLS is currently used because we haven't implemented RFC 7170 TEAP yet. An example scenario with two strongSwan IPsec Access Requestors (ARs) connecting to a strongSwan VPN Policy Enforcement Point (PEP) via IKEv2 which in turn has an EAP-RADIUS connection to a strongSwan Policy Decision Point (PDP) is shown here: http://www.strongswan.org/uml/testresults5dr/tnc/tnccs-20-pdp-eap/ The complete IETF NEA stack is used: - RFC 5792 PA-TNC - RFC 5793 PB-TNC - RFC 7181 PT-EAP Alternatively the strongSwan pt-tls-client which implements the RFC 6876 PT-TLS transport protocol can connect directly to the strongSwan Policy Decision Point over a TLS socket: http://www.strongswan.org/uml/testresults5dr/tnc/tnccs-20-pdp-pt-tls/ In this alternative scenario the stack is - RFC 5792 PA-TNC - RFC 5793 PB-TNC - RFC 6876 PT-TLS Best regards Andreas On 09.05.2014 22:48, Steve Hanna wrote: > According to this web page, StrongSwan supports an earlier draft: > > http://wiki.strongswan.org/issues/342 > > I'm sure that Andreas would love to have another independent > implementation to test against so please let him (and the nea > list) know if you do an implementation. > > Thanks, > > Steve > > On 5/9/2014 4:40 PM, Joe Klein wrote: >> Does anyone have working code for this protocol? I would like to >> validate a few assumptions. >> >> Joe Klein >> "Inveniam viam aut faciam" >> >> >> On Fri, May 9, 2014 at 4:08 PM, Steve Hanna <steve@hannas.com >> <mailto:steve@hannas.com>> wrote: >> >> Todd, >> >> I presume that you're referring to this IPR disclosure: >> >> https://datatracker.ietf.org/__ipr/1889/ >> <https://datatracker.ietf.org/ipr/1889/> >> >> If that's the case, you should refer to Cisco's statement >> in the IPR disclosure linked to above. >> >> Speaking only for myself and noting that I'm not a lawyer, >> I don't think there's any reason to worry about that IPR. >> In layman's terms, the Cisco statement says that anyone can >> use their IPR to implement the spec. However, if you sue >> them, they'll sue you back. >> >> Are you planning to implement the spec or just asking? >> >> Thanks, >> >> Steve >> >> >> On 5/9/2014 11:58 AM, TGLASSEY wrote: >> >> What is the status of the Cisco Patent here? >> >> Todd >> >> On 5/9/2014 8:10 AM, Steve Hanna wrote: >> >> I'm happy to say that the nea working group has completed >> our last >> milestone: publishing PT-EAP as a Standards Track RFC. TCG >> has >> published a document bringing their corresponding standard >> (IF-T/EAP) into alignment with the published version of >> PT-EAP: >> >> >> http://www.__trustedcomputinggroup.org/__community/2014/05/complete___set_of_nac_standards_from___ietf_and_tcg >> >> >> <http://www.trustedcomputinggroup.org/community/2014/05/complete_set_of_nac_standards_from_ietf_and_tcg> >> >> >> >> So we have achieved our goal of getting one set of >> standards for >> posture assessment. >> >> This WG will now be closed. The email list will stay open for >> any needed discussions. >> >> Thanks to all who have worked on the NEA protocols over the >> years. >> >> Good work! >> >> Steve Hanna >> >> -------- Original Message -------- >> Subject: [Nea] RFC 7171 on PT-EAP: Posture Transport (PT) >> Protocol for >> Extensible Authentication Protocol (EAP) Tunnel Methods >> Date: Wed, 7 May 2014 23:15:24 -0700 (PDT) >> From: rfc-editor@rfc-editor.org >> <mailto:rfc-editor@rfc-editor.org> >> To: ietf-announce@ietf.org <mailto:ietf-announce@ietf.org>, >> rfc-dist@rfc-editor.org <mailto:rfc-dist@rfc-editor.org> >> CC: drafts-update-ref@iana.org >> <mailto:drafts-update-ref@iana.org>, nea@ietf.org >> <mailto:nea@ietf.org>, rfc-editor@rfc-editor.org >> <mailto:rfc-editor@rfc-editor.org> >> >> A new Request for Comments is now available in online RFC >> libraries. >> >> >> RFC 7171 >> >> Title: PT-EAP: Posture Transport (PT) Protocol >> for Extensible Authentication Protocol >> (EAP) Tunnel >> Methods >> Author: N. Cam-Winget, P. Sangster >> Status: Standards Track >> Stream: IETF >> Date: May 2014 >> Mailbox: ncamwing@cisco.com >> <mailto:ncamwing@cisco.com>, >> paul_sangster@symantec.com >> <mailto:paul_sangster@symantec.com> >> Pages: 19 >> Characters: 45604 >> Updates/Obsoletes/SeeAlso: None >> >> I-D Tag: draft-ietf-nea-pt-eap-09.txt >> >> URL: http://www.rfc-editor.org/rfc/__rfc7171.txt >> <http://www.rfc-editor.org/rfc/rfc7171.txt> >> >> This document specifies PT-EAP, a Posture Transport (PT) >> protocol >> based on the Extensible Authentication Protocol (EAP) and >> designed to >> be used only inside an EAP tunnel method protected by >> Transport Layer >> Security (TLS). The document also describes the intended >> applicability of PT-EAP. >> >> This document is a product of the Network Endpoint >> Assessment Working >> Group of the IETF. >> >> This is now a Proposed Standard. >> >> STANDARDS TRACK: This document specifies an Internet >> standards track >> protocol for the Internet community,and requests >> discussion and >> suggestions >> for improvements. Please refer to the current edition of >> the Internet >> Official Protocol Standards (STD 1) for the standardization >> state and >> status of this protocol. Distribution of this memo is >> unlimited. >> >> This announcement is sent to the IETF-Announce and rfc-dist >> lists. >> To subscribe or unsubscribe, see >> http://www.ietf.org/mailman/__listinfo/ietf-announce >> <http://www.ietf.org/mailman/listinfo/ietf-announce> >> http://mailman.rfc-editor.org/__mailman/listinfo/rfc-dist >> <http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist> >> >> For searching the RFC series, see >> http://www.rfc-editor.org/__search >> <http://www.rfc-editor.org/search> >> For downloading RFCs, see >> http://www.rfc-editor.org/rfc.__html >> <http://www.rfc-editor.org/rfc.html> >> >> Requests for special distribution should be addressed to >> either the >> author of the RFC in question, or to >> rfc-editor@rfc-editor.org >> <mailto:rfc-editor@rfc-editor.org>. Unless >> specifically noted otherwise on the RFC itself, all RFCs >> are for >> unlimited distribution. >> >> >> The RFC Editor Team >> Association Management Solutions, LLC >> >> >> _________________________________________________ >> Nea mailing list >> Nea@ietf.org <mailto:Nea@ietf.org> >> https://www.ietf.org/mailman/__listinfo/nea >> <https://www.ietf.org/mailman/listinfo/nea> >> >> >> _________________________________________________ >> Nea mailing list >> Nea@ietf.org <mailto:Nea@ietf.org> >> https://www.ietf.org/mailman/__listinfo/nea >> <https://www.ietf.org/mailman/listinfo/nea> >> >> >> ----- >> No virus found in this message. >> Checked by AVG - www.avg.com <http://www.avg.com> >> Version: 2014.0.4577 / Virus Database: 3931/7462 - Release >> Date: 05/08/14 >> >> >> >> >> _________________________________________________ >> Nea mailing list >> Nea@ietf.org <mailto:Nea@ietf.org> >> https://www.ietf.org/mailman/__listinfo/nea >> <https://www.ietf.org/mailman/listinfo/nea> >> >> > > _______________________________________________ > Nea mailing list > Nea@ietf.org > https://www.ietf.org/mailman/listinfo/nea -- ====================================================================== Andreas Steffen andreas.steffen@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]==
- [Nea] RFC 7171 on PT-EAP: Posture Transport (PT) … rfc-editor
- [Nea] Congrats on Job Well Done Steve Hanna
- Re: [Nea] Congrats on Job Well Done TGLASSEY
- Re: [Nea] Congrats on Job Well Done Steve Hanna
- Re: [Nea] Congrats on Job Well Done Joe Klein
- Re: [Nea] Congrats on Job Well Done Steve Hanna
- Re: [Nea] Congrats on Job Well Done Andreas Steffen