Re: [pcp] gss-eap & client-side rexmit only

Alper Yegin <alper.yegin@yegin.org> Thu, 18 October 2012 06:05 UTC

From: Alper Yegin <alper.yegin@yegin.org>
In-Reply-To: <6569B9B2-0B82-450A-A328-D023EFC732DA@yegin.org>
Date: Thu, 18 Oct 2012 09:04:43 +0300
Message-Id: <F06C0780-EF37-435E-B45D-497111E12B47@yegin.org>
References: <14C7F4F06DB5814AB0DE29716C4F6D6702E12ABC28@FRMRSSXCHMBSB1.dc-m.alcatel-lucent.com> <CB96F2AF-7545-457D-96EB-F78B7666C00C@yegin.org> <tsl1ui0wvmo.fsf_-_@mit.edu> <E91C9554-FBCF-4324-A1BF-5C4D75F5264A@yegin.org> <9A2322BB-699A-4A71-89D5-9E3E48979272@yegin.org> <tslvcfbscqm.fsf_-_@mit.edu> <20FE79EA-9E75-49E7-9854-4AA24314FC7B@yegin.org> <36E9DFAC-47D5-4942-937F-A88CD2AD75D0@lilacglade.org> <E2495458-DA1F-4BF3-9ACE-0AAEB3836907@yegin.org> <96744887-68C7-4F9A-813E-A5563E4356E2@gmail.com> <6569B9B2-0B82-450A-A328-D023EFC732DA@yegin.org>
To: Sam Hartman <hartmans@painless-security.com>
Cc: pcp@ietf.org
Subject: Re: [pcp] gss-eap & client-side rexmit only

Sam,


You claimed you can design an EAP lower layer that's always client driven, and gave GSS-EAP as an example of how you did it.

So, I had already looked at it and still don't see how.
See below for the last email I sent on this matter, which went unanswered.

Please take a stab at it and let's progress this discussion.


On Sep 20, 2012, at 4:17 PM, Alper Yegin wrote:

> So, I looked at this spec.
> 
> This, too, is server-driven. Like EAP is, unlike PCP is. 
> Retransmissions do happen, not at the EAP layer but at the EAP lower layer.
> 
> Yep, there's no re-auth. Its absence is confirmed! :-)
> 
> - What happens if server-side needs to re-key, extend lifetime, change authorization, re-challenge the client? 
> Say, the acceptor receives a RADIUS CoA with EAP-Request, what's it going to do with it?
> 
> Sorry folks, gss-eap as an EAP lower layer spec is incomplete. Whether you recognize and accept this today, or later when you start building complete architectures/systems with it. No worries, you can always add it.
> 
> Alper
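To make the gap being argued about concrete, here is an added toy model (my own illustration, not code from this thread, from GSS-EAP, or from any PCP draft) of a lower layer in which only the client sends unsolicited messages and only the client keeps a retransmission timer. Everything in it is an assumption of the example: the Msg/Server/run names, the tick-based timing, the per-sequence-number duplicate handling, and the coa_eap_request() hook standing in for a RADIUS CoA that carries an EAP-Request. It shows that client-side-only rexmit recovers loss in either direction, and that a server-initiated EAP-Request can only sit in a queue until the client happens to send something.

```python
"""Toy model of a client-driven EAP lower layer (added illustration; not
from the thread, GSS-EAP, or any PCP draft).  Assumed rules, stated here
as assumptions: only the client sends unsolicited messages and only the
client keeps a retransmission timer; the server can do nothing but answer
the request in front of it; a RADIUS CoA carrying an EAP-Request is
modelled as the coa_eap_request() call on the server."""

from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Msg:
    seq: int          # client-chosen sequence number; reused on retransmit
    payload: str      # stand-in for the carried EAP packet or PCP opcode


class Server:
    """Server end: never transmits on its own, only answers what it is sent."""

    def __init__(self) -> None:
        self.pending: deque = deque()          # server-initiated EAP packets with no carrier yet
        self.answers: Dict[int, Msg] = {}      # seq -> reply, so a retransmit gets the same answer

    def coa_eap_request(self, eap_pkt: str) -> None:
        """Out-of-band trigger (the CoA case in the mail).  There is no client
        request to piggy-back on, so all the server can do is queue it."""
        self.pending.append(eap_pkt)

    def handle(self, req: Msg) -> Msg:
        if req.seq in self.answers:            # duplicate produced by client-side rexmit
            return self.answers[req.seq]
        # A queued EAP-Request takes the slot; in a real design the client's own
        # request would then be deferred until the EAP exchange completes.
        payload = self.pending.popleft() if self.pending else f"ACK({req.payload})"
        reply = Msg(req.seq, payload)
        self.answers[req.seq] = reply
        return reply


def run(client_send_times: List[int], coa_time: Optional[int], coa_pkt: str,
        lost: Set[Tuple[int, str]], rto: int = 2, horizon: int = 50) -> dict:
    """Discrete-time simulation.  `lost` holds (tick, "c2s"|"s2c") pairs the
    channel drops.  Returns what the client received, when (if ever) the
    server-initiated EAP-Request arrived, and how much is still queued."""
    server = Server()
    received: List[Tuple[int, str]] = []       # (tick, payload) as seen by the client
    todo = deque(sorted(client_send_times))
    outstanding: Optional[Tuple[Msg, int]] = None   # (message, tick of next transmission)
    seq = 0
    for t in range(horizon):
        if t == coa_time:
            server.coa_eap_request(coa_pkt)
        if outstanding is None and todo and todo[0] <= t:
            todo.popleft()
            seq += 1
            outstanding = (Msg(seq, f"MAP-REQUEST#{seq}"), t)
        if outstanding is not None and outstanding[1] <= t:
            msg = outstanding[0]
            outstanding = (msg, t + rto)       # arm the (client-only) retransmit timer
            if (t, "c2s") in lost:
                continue                       # request lost; nothing happens until timer fires
            reply = server.handle(msg)
            if (t, "s2c") in lost:
                continue                       # reply lost; same retransmit path recovers it
            received.append((t, reply.payload))
            outstanding = None
    hits = [t for t, p in received if p == coa_pkt]
    return {"received": received,
            "coa_delivered_at": hits[0] if hits else None,
            "still_queued": len(server.pending)}


if __name__ == "__main__":
    # Constructed scenarios, not captured traffic.
    print(run([0], None, "EAP-Request/Identity", {(0, "c2s")}))      # request lost, rexmit at t=2
    print(run([0], None, "EAP-Request/Identity", {(0, "s2c")}))      # reply lost, duplicate answered
    print(run([0, 20], 5, "EAP-Request/Identity", set()))            # CoA at t=5 waits until t=20
    print(run([0], 5, "EAP-Request/Identity", set()))                # CoA never reaches the client
```

The last two scenarios are the point of the mail: the queued EAP-Request is delivered only at the next client-originated message, so its latency is whatever the client's own traffic pattern dictates, and a client that has nothing to send never learns about it at all. Any design that wants server-initiated re-keying, lifetime changes or re-challenges on top of such a lower layer has to add a mechanism for that, such as a client poll or a separate server-to-client trigger, which this model deliberately omits.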