Re: [pcp] Comparison of PCP authentication
Margaret Wasserman <margaretw42@gmail.com> Thu, 16 August 2012 11:38 UTC
Return-Path: <margaretw42@gmail.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3D9A21F85ED for <pcp@ietfa.amsl.com>; Thu, 16 Aug 2012 04:38:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5M1m-MNJxUZY for <pcp@ietfa.amsl.com>; Thu, 16 Aug 2012 04:38:37 -0700 (PDT)
Received: from mail-qc0-f172.google.com (mail-qc0-f172.google.com [209.85.216.172]) by ietfa.amsl.com (Postfix) with ESMTP id CEF2221F85DF for <pcp@ietf.org>; Thu, 16 Aug 2012 04:38:36 -0700 (PDT)
Received: by qcac10 with SMTP id c10so2224522qca.31 for <pcp@ietf.org>; Thu, 16 Aug 2012 04:38:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer; bh=GJqBcUv5AT5hjHTYXGkT2lrEA6tdQ+G7FUbPT36DqRg=; b=mjnI5a112Q37tht6m1BDKjX7OvfQiNxEThfFXiZZu/C9Dh5GDzv4RSHnoeIpp8UzCn jPLOpeW+Xl3BFxgs89zC+xopzK1VXH8Rk7Z6lP4kyZM7GA9SOkIpofKf/Vs/+UjPgH59 ZxeMuzPoFDP21tsZyRiYCcVim/cuHtZv79YggtPLaxD9LqqWil9Cqmq5Di1EdHHTyTZ9 uuhU8ObLmetctnfMVI8jF48tyP+qF56uRvP2tUnSxo9QHHiUtI+5c8Czk0dRVo1HfvLW l9lu1hqCdhgRv8gxYfEKEnKgxIJWOddZdDh6OZ8LypQq8vMBHgr1IpfbNKL84anKuSie 0erA==
Received: by 10.224.213.194 with SMTP id gx2mr2473226qab.11.1345117116058; Thu, 16 Aug 2012 04:38:36 -0700 (PDT)
Received: from lilac-too.home (pool-71-184-120-122.bstnma.fios.verizon.net. [71.184.120.122]) by mx.google.com with ESMTPS id s9sm6309530qaa.7.2012.08.16.04.38.31 (version=SSLv3 cipher=OTHER); Thu, 16 Aug 2012 04:38:34 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: multipart/alternative; boundary="Apple-Mail-10--409792648"
From: Margaret Wasserman <margaretw42@gmail.com>
In-Reply-To: <C72CBD9FE3CA604887B1B3F1D145D05E2CE756EE@szxeml528-mbs.china.huawei.com>
Date: Thu, 16 Aug 2012 07:38:30 -0400
Message-Id: <2340495D-0811-42DD-B0D3-636499A0D802@lilacglade.org>
References: <9B57C850BB53634CACEC56EF4853FF653B6EC381@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <7FE144CF-00E3-4451-8CBE-A6A684DB7CC4@yegin.org> <067d01cd73fd$765a6c50$630f44f0$@com> <D6D2DEED-C35A-45AB-8B72-96195C308DB9@yegin.org> <57FF0F8E-1B86-410F-8B6B-C4893A28222F@lilacglade.org> <BB72B80F-0622-4A5B-A985-79D8AED13E0B@apple.com> <003b01cd7587$a111b760$e3352620$@com> <15990E87-2D59-49B1-845C-2A4CB5A1FBD6@lilacglade.org> <008801cd758f$3fd306e0$bf7914a0$@com> <C72CBD9FE3CA604887B1B3F1D145D05E2CE65225@szxeml528-mbx.china.huawei.com> <028801cd75d6$c5765490$5062fdb0$@com> <tsla9y4gptp.fsf@mit.edu> <04c901cd7658$37a740c0$a6f5c240$@com> <tslboikexlv.fsf@mit.edu> <054001cd765d$54c0f3e0$fe42dba0$@com> <0F259BA1-CEFF-4346-AFE5-3D33BB0CF0CC@lilacglade.org> <C72CBD9FE3CA604887B1B3F1D145D05E2CE756EE@szxeml528-mbs.china.huawei.com>
To: "Zhangdacheng (Dacheng)" <zhangdacheng@huawei.com>
X-Mailer: Apple Mail (2.1084)
Cc: pcp@ietf.org
Subject: Re: [pcp] Comparison of PCP authentication
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Aug 2012 11:38:37 -0000
Hi Dacheng, The conclusion from the meeting was that we will document all three approaches in our document: - PCP Specific - PANA Encapsulated in PCP - PANA Demultiplexed with PCP on the same port Then, we will have an interim PCP conference call to discuss the trade-offs and hopefully decide between them. Margaret On Aug 15, 2012, at 10:47 PM, Zhangdacheng (Dacheng) wrote: > Have we got any conclusions on two approaches? Or we can just support the two options in the draft for the moment and briefly compare their pros and cons, can we? > > Cheers > > Dcheng > > From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On Behalf Of Margaret Wasserman > Sent: Friday, August 10, 2012 3:21 AM > To: Dan Wing > Cc: pcp@ietf.org > Subject: Re: [pcp] Comparison of PCP authentication > > > On Aug 9, 2012, at 2:32 PM, Dan Wing wrote: > > If I'm updating security policy on a firewall I want to be able to > audit whether that actually happened. That requires authentication. > > You are saying a PCP client would only want to update firewall policies > if the PCP server supports authentication, otherwise it would tell the > user that it cannot enable the webcam, Internet-connected NAS, > Internet-connected printer, etc.? > > I wont presume to guess what Sam is thinking... > > However, I am thinking that there will be some clients that are configured to perform authentication for every request. For example, there is no reason for a PCP proxy, running in an environment where authentication is required to do a THIRD-PARTY request, to perform a useless round-trip for every THIRD-PARTY request it issues. > > Margaret > >
- [pcp] Reminder: submit IETF 84 PCP agenda requests Dave Thaler
- Re: [pcp] Reminder: submit IETF 84 PCP agenda req… Xiaohong Deng
- [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication james woodyatt
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- [pcp] single port PANA+PCP Alper Yegin
- Re: [pcp] single port PANA+PCP Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] single port PANA+PCP Alper Yegin
- Re: [pcp] single port PANA+PCP Dan Wing
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] single port PANA+PCP Dan Wing
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] single port PANA+PCP Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- [pcp] channel binding (was Re: Comparison of PCP … Alper Yegin
- [pcp] PANA and PCP port sharing (was Re: Comparis… Alper Yegin
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] channel binding Sam Hartman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] channel binding Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- [pcp] Fwd: Comparison of PCP authentication Subir Das
- Re: [pcp] Fwd: Comparison of PCP authentication Dan Wing
- Re: [pcp] Fwd: Comparison of PCP authentication Subir Das
- Re: [pcp] Fwd: Comparison of PCP authentication Sam Hartman