Re: [pcp] Implementation Analysis: strong preference for PCP-specific approach
Yasuyuki Tanaka <yatch@isl.rdc.toshiba.co.jp> Tue, 18 September 2012 05:38 UTC
Return-Path: <yatch@isl.rdc.toshiba.co.jp>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 255E221E80B0 for <pcp@ietfa.amsl.com>; Mon, 17 Sep 2012 22:38:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.089
X-Spam-Level:
X-Spam-Status: No, score=-4.089 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sw0a1corb25J for <pcp@ietfa.amsl.com>; Mon, 17 Sep 2012 22:38:47 -0700 (PDT)
Received: from imx2.toshiba.co.jp (inet-tsb5.toshiba.co.jp [202.33.96.24]) by ietfa.amsl.com (Postfix) with ESMTP id 4576021E804A for <pcp@ietf.org>; Mon, 17 Sep 2012 22:38:46 -0700 (PDT)
Received: from arc1.toshiba.co.jp ([133.199.194.235]) by imx2.toshiba.co.jp with ESMTP id q8I5cjpt005355 for <pcp@ietf.org>; Tue, 18 Sep 2012 14:38:45 +0900 (JST)
Received: (from root@localhost) by arc1.toshiba.co.jp id q8I5cjBY006515 for pcp@ietf.org; Tue, 18 Sep 2012 14:38:45 +0900 (JST)
Received: from unknown [133.199.192.144] by arc1.toshiba.co.jp with ESMTP id QAA06502; Tue, 18 Sep 2012 14:38:45 +0900
Received: from mx12.toshiba.co.jp (localhost [127.0.0.1]) by ovp2.toshiba.co.jp with ESMTP id q8I5ciuC011426 for <pcp@ietf.org>; Tue, 18 Sep 2012 14:38:44 +0900 (JST)
Received: from spiffy21.isl.rdc.toshiba.co.jp by toshiba.co.jp id q8I5ciqi005144; Tue, 18 Sep 2012 14:38:44 +0900 (JST)
Received: from [133.196.16.99] (ncg-dhcp99.isl.rdc.toshiba.co.jp [133.196.16.99]) by spiffy21.isl.rdc.toshiba.co.jp (Postfix) with ESMTPS id 5F85497CCA; Tue, 18 Sep 2012 14:38:44 +0900 (JST)
Message-ID: <505808E4.60609@isl.rdc.toshiba.co.jp>
Date: Tue, 18 Sep 2012 14:38:44 +0900
From: Yasuyuki Tanaka <yatch@isl.rdc.toshiba.co.jp>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120824 Thunderbird/15.0
MIME-Version: 1.0
To: hartmans@painless-security.com
References: <tslipbdzzwy.fsf@mit.edu>
In-Reply-To: <tslipbdzzwy.fsf@mit.edu>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: pcp@ietf.org
Subject: Re: [pcp] Implementation Analysis: strong preference for PCP-specific approach
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Sep 2012 05:38:48 -0000
Hi, I'm an implementor of CPANA. I have two additions to your analysis. Firstly, you can add RADIUS support to CPANA by using FreeBSD's libradius. For this purpose, we provide the option, "--with-libradius", for the "configure" script of CPANA. Secondly, you can also adapt third-party EAP implementations to CPANA, though I've never tried. Hope this helps. Best regards, Yasuyuki Tanaka > CPANA > > See http://sf.net/projects/cpana > > At first glance, CPANA looks promising. It's designed as a library for > others to integrate PANA into their environments. > CPANA is distributed under the BSD license. > > Unfortunately, I quickly decided that CPANA was not a credible start > point in my opinion. The project has received 11 code commits over its > entire lifetime; I think 1 or 2 commits this year. > Despite claims that "docs are coming soon," in 2010, I was able to find > no documentation. There doesn't seem to be good separation of what is a > public interface from what is an internal interface; cpana.h includes > all the internal header files. > The example applications don't separate example-specific functionality > like reading config files well from using the library, so I wasn't able > to get a feel for what it would be like to use the library in a > non-sample application. > On a positive note, there did seem to be an abstraction around where > responses went; it might be easier-than-expected to use CPANA in an > encapsulation or demultiplexing approach. > There's one additional huge problem with CPANA. It includes its own > rather limited EAP library which does not appear to support any of the > tunnel methods. On the server there appears to be no RADIUS support. > If I were writing a PANA library I planned to maintain for years, I'd > seriously evaluate taking chunks of code from CPANA. > If CPANA gets significant new development effort it may turn into > something interesting. I like the goal of separating library from application.
- Re: [pcp] Implementation Analysis: strong prefere… Yoshihiro Ohba
- [pcp] Implementation Analysis: strong preference … Sam Hartman
- Re: [pcp] Implementation Analysis: strong prefere… Alper Yegin
- Re: [pcp] Implementation Analysis: strong prefere… Sam Hartman
- Re: [pcp] Implementation Analysis: strong prefere… Yasuyuki Tanaka
- Re: [pcp] Implementation Analysis: strong prefere… Alper Yegin
- Re: [pcp] Implementation Analysis: strong prefere… Rafa Marin Lopez
- Re: [pcp] Implementation Analysis: strong prefere… Margaret Wasserman
- Re: [pcp] Implementation Analysis: strong prefere… Margaret Wasserman
- Re: [pcp] Implementation Analysis: strong prefere… Alper Yegin
- Re: [pcp] Implementation Analysis: strong prefere… Margaret Wasserman