Re: [pcp] Fwd: Comparison of PCP authentication
Subir Das <subirdas21@gmail.com> Wed, 29 August 2012 17:19 UTC
Return-Path: <subirdas21@gmail.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D29C21F861C for <pcp@ietfa.amsl.com>; Wed, 29 Aug 2012 10:19:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oySIBP1KBCDm for <pcp@ietfa.amsl.com>; Wed, 29 Aug 2012 10:19:31 -0700 (PDT)
Received: from mail-vb0-f44.google.com (mail-vb0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id C5E2821F8615 for <pcp@ietf.org>; Wed, 29 Aug 2012 10:19:30 -0700 (PDT)
Received: by vbbez10 with SMTP id ez10so1046240vbb.31 for <pcp@ietf.org>; Wed, 29 Aug 2012 10:19:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=lxgRZ5G2EAtOAxl7zLGOIoS+kYS3xVFSldmgOTU73ZU=; b=kxq3e6Fyhbh4xqzi4quoN6UjJL1gcpxVNgMNTC+0f/2mFcWUJRuIZBwbL1ZI+dRdrM Y88m3p8N+F+9TLXxWSZrIqeMXEGiENiqe8LVO+bw/7ZyqmlXl6JfMMIYRj/IQ6fqmOyt tFOFt7IRefNmI4ExdlmMsS5ulFaPPHDgAHfMMy97AmsfvRXjTBw1yMYDLqFlW1utf7rq byGNOvqjuZUQYk4LycnfdQUXYEtEZxkMPmdtyvK6TANI9/tTD7mOXu6OPKtBfzTPMpTm sfV6yhPfwXVyzCJpLAEPqmZ9aUM5cPo8XalmM+KCEi+Qrff0A6hazMjBTkumhLVDD+1k Z/5w==
MIME-Version: 1.0
Received: by 10.52.33.15 with SMTP id n15mr1221918vdi.67.1346260769879; Wed, 29 Aug 2012 10:19:29 -0700 (PDT)
Received: by 10.58.155.170 with HTTP; Wed, 29 Aug 2012 10:19:29 -0700 (PDT)
In-Reply-To: <012301cd85ff$3b451430$b1cf3c90$@com>
References: <9B57C850BB53634CACEC56EF4853FF653B6EC381@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <7FE144CF-00E3-4451-8CBE-A6A684DB7CC4@yegin.org> <067d01cd73fd$765a6c50$630f44f0$@com> <D6D2DEED-C35A-45AB-8B72-96195C308DB9@yegin.org> <57FF0F8E-1B86-410F-8B6B-C4893A28222F@lilacglade.org> <BB72B80F-0622-4A5B-A985-79D8AED13E0B@apple.com> <003b01cd7587$a111b760$e3352620$@com> <15990E87-2D59-49B1-845C-2A4CB5A1FBD6@lilacglade.org> <008801cd758f$3fd306e0$bf7914a0$@com> <C72CBD9FE3CA604887B1B3F1D145D05E2CE65225@szxeml528-mbx.china.huawei.com> <028801cd75d6$c5765490$5062fdb0$@com> <tsla9y4gptp.fsf@mit.edu> <04c901cd7658$37a740c0$a6f5c240$@com> <tslboikexlv.fsf@mit.edu> <054001cd765d$54c0f3e0$fe42dba0$@com> <0F259BA1-CEFF-4346-AFE5-3D33BB0CF0CC@lilacglade.org> <C72CBD9FE3CA604887B1B3F1D145D05E2CE756EE@szxeml528-mbs.china.huawei.com> <2340495D-0811-42DD-B0D3-636499A0D802@lilacglade.org> <CAFb8J8opi_X8fsDZnAtMGp2bajAkqepCDyxgeyGuqzGzd9D-zQ@mail.gmail.com> <CAFb8J8qsoKL+U+9YpV0wuN3yhgvncirAXc+h+XAWBX55SQPytg@mail.gmail.com> <012301cd85ff$3b451430$b1cf3c90$@com>
Date: Wed, 29 Aug 2012 13:19:29 -0400
Message-ID: <CAFb8J8r+x96De-u7M1HSbb0=UUz=Di5mypsNMV5L2_eGSrnhvQ@mail.gmail.com>
From: Subir Das <subirdas21@gmail.com>
To: Dan Wing <dwing@cisco.com>
Content-Type: multipart/alternative; boundary="20cf307c9bdcf6b66904c86ac24b"
Cc: pcp@ietf.org
Subject: Re: [pcp] Fwd: Comparison of PCP authentication
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Aug 2012 17:19:35 -0000
I also tried the audio and it was very poor. You have summarized it nicely though. I am not resisting anything, I was merely stating my takeway on Chair's statement. -Subir On Wed, Aug 29, 2012 at 11:59 AM, Dan Wing <dwing@cisco.com> wrote: > I went to the audio, to try to understand this resistance to analyzing > everything. > > The discussion of the three options started at about 77 minutes into the > audio, which is at > http://www.ietf.org/audio/ietf84/ietf84-regencya-20120802-1510-pm2.mp3. > The > audio quality is pretty poor. > > I heard: > 1. separate PCP-dedicated function: 4 hands > 2. PANA 'tunnel': ? hands (I could not hear) > 3. PCP/PANA demux: 5 hands > 4. don't care: ? hands (I could not hear) > > then, after a little more hand-raising, PANA had twice the votes of a > separate PCP-dedicated function. Alain said the direction is PANA on a > single port. I then heard myself asking at the microphone that I answered > "don't care" because I lack enough information to decide. I couldn't hear > Margaret's reply in the audio. > > > In any event, I am struggling to understand the resistance to analyzing all > three in detail. Worried a non-PANA solution will win, or the analysis > will > take an additional 15 minutes, or what? > > -d > > > -----Original Message----- > > From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On Behalf Of > > Subir Das > > Sent: Wednesday, August 29, 2012 6:27 AM > > To: Margaret Wasserman > > Cc: pcp@ietf.org > > Subject: [pcp] Fwd: Comparison of PCP authentication > > > > Margaret, > > I realized that I didn't copy my mail to the mailing list. > > > > Thanks, > > -Subir > > > > > > ---------- Forwarded message ---------- > > From: Subir Das <subirdas21@gmail.com> > > Date: Fri, Aug 17, 2012 at 8:29 AM > > Subject: Re: [pcp] Comparison of PCP authentication > > To: Margaret Wasserman <margaretw42@gmail.com> > > > > > > > > Hi Margaret, > > My recollection regarding conclusion was little different: > > > > We will discuss the following two PANA-based approaches and then > > decide: > > > > - PANA Encapsulated in PCP > > - PANA Demultiplexed with PCP on the same port > > > > The consensus in the room was that PANA-based approach is preferrable > > over PCP specific approach. I need to look at the meeting minutes and > > recording though. > > > > regards, > > _Subir > > > > On Thu, Aug 16, 2012 at 7:38 AM, Margaret Wasserman > > <margaretw42@gmail.com> wrote: > > > > > > > > > > Hi Dacheng, > > > > The conclusion from the meeting was that we will document all > > three approaches in our document: > > > > - PCP Specific > > - PANA Encapsulated in PCP > > - PANA Demultiplexed with PCP on the same port > > > > Then, we will have an interim PCP conference call to discuss the > > trade-offs and hopefully decide between them. > > > > > > Margaret > > > > > > > > On Aug 15, 2012, at 10:47 PM, Zhangdacheng (Dacheng) wrote: > > > > > > > > Have we got any conclusions on two approaches? Or we can > > just support the two options in the draft for the moment and briefly > > compare their pros and cons, can we? > > > > Cheers > > > > Dcheng > > > > From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] > On > > Behalf Of Margaret Wasserman > > Sent: Friday, August 10, 2012 3:21 AM > > To: Dan Wing > > Cc: pcp@ietf.org > > Subject: Re: [pcp] Comparison of PCP authentication > > > > > > On Aug 9, 2012, at 2:32 PM, Dan Wing wrote: > > > > > > > > If I'm updating security policy on a > firewall I > > want to be able to > > > > audit whether that actually happened. That > > requires authentication. > > > > > > You are saying a PCP client would only want to > update > > firewall policies > > if the PCP server supports authentication, > otherwise > > it would tell the > > user that it cannot enable the webcam, Internet- > > connected NAS, > > Internet-connected printer, etc.? > > > > > > I wont presume to guess what Sam is thinking... > > > > However, I am thinking that there will be some clients > > that are configured to perform authentication for every request. For > > example, there is no reason for a PCP proxy, running in an environment > > where authentication is required to do a THIRD-PARTY request, to > > perform a useless round-trip for every THIRD-PARTY request it issues. > > > > Margaret > > > > > > > > > > > > _______________________________________________ > > pcp mailing list > > pcp@ietf.org > > https://www.ietf.org/mailman/listinfo/pcp > > > > > > > > > > >
- [pcp] Reminder: submit IETF 84 PCP agenda requests Dave Thaler
- Re: [pcp] Reminder: submit IETF 84 PCP agenda req… Xiaohong Deng
- [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication james woodyatt
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- [pcp] single port PANA+PCP Alper Yegin
- Re: [pcp] single port PANA+PCP Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] single port PANA+PCP Alper Yegin
- Re: [pcp] single port PANA+PCP Dan Wing
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] single port PANA+PCP Dan Wing
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Dan Wing
- Re: [pcp] single port PANA+PCP Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] Comparison of PCP authentication Margaret Wasserman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- [pcp] channel binding (was Re: Comparison of PCP … Alper Yegin
- [pcp] PANA and PCP port sharing (was Re: Comparis… Alper Yegin
- Re: [pcp] Comparison of PCP authentication Sam Hartman
- Re: [pcp] channel binding Sam Hartman
- Re: [pcp] Comparison of PCP authentication Yoshihiro Ohba
- Re: [pcp] channel binding Alper Yegin
- Re: [pcp] Comparison of PCP authentication Alper Yegin
- Re: [pcp] Comparison of PCP authentication Zhangdacheng (Dacheng)
- [pcp] Fwd: Comparison of PCP authentication Subir Das
- Re: [pcp] Fwd: Comparison of PCP authentication Dan Wing
- Re: [pcp] Fwd: Comparison of PCP authentication Subir Das
- Re: [pcp] Fwd: Comparison of PCP authentication Sam Hartman