IETF Logo Mail Archive

Re: [pcp] REQ-14 in PCP Authentication Requirements

Alper Yegin <alper.yegin@yegin.org> Fri, 19 July 2013 13:22 UTC

Return-Path: <alper.yegin@yegin.org>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCE0311E812C for <pcp@ietfa.amsl.com>; Fri, 19 Jul 2013 06:22:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.561
X-Spam-Level:
X-Spam-Status: No, score=-102.561 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d8BHS7i0tyxE for <pcp@ietfa.amsl.com>; Fri, 19 Jul 2013 06:22:06 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by ietfa.amsl.com (Postfix) with ESMTP id E7E5F11E8144 for <pcp@ietf.org>; Fri, 19 Jul 2013 06:22:03 -0700 (PDT)
Received: from [192.168.2.49] (88.247.135.202.static.ttnet.com.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus2) with ESMTP (Nemesis) id 0LeeIQ-1UM6As2Xx0-00qUvV; Fri, 19 Jul 2013 09:22:01 -0400
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: text/plain; charset="iso-8859-1"
From: Alper Yegin <alper.yegin@yegin.org>
In-Reply-To: <913383AAA69FF945B8F946018B75898A14B9B7B8@xmb-rcd-x10.cisco.com>
Date: Fri, 19 Jul 2013 16:21:55 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <E38ACE41-8C07-4D10-AB26-913ACE047024@yegin.org>
References: <c91bb8469abe4b079e46454e022546e6@BY2PR03MB269.namprd03.prod.outlook.com> <913383AAA69FF945B8F946018B75898A14B9B7B8@xmb-rcd-x10.cisco.com>
To: Tirumaleswar Reddy <tireddy@cisco.com>
X-Mailer: Apple Mail (2.1283)
X-Provags-ID: V02:K0:qwLCLEkl6f64yjPhugN0IWwpBTmV3qwbepqdsPcyRK1 CfwRpwQoW1xShxSMq6mkZ7EP+8VWu6mdFR6LJS5Ju87Ok48FvT 9wIzJhDdCxYs7YjLWPbJSTH69u0ahN7eRsR6YHAm60pOgoVtWn xlg8epGe2EueyQ5bPENdB+sbIpQn5aW6ifbBSg1w6XAYclTz75 tBOfFmYFcZYunBRdynl0AJbmehMHwkuGzYeHCbq+jOckZ+bjxd zn2arFT9TQCBEa1rMFs0BAHlBWtr9Wk0gSQcXBobl6RlVoJIVi RUn1P8kXJauH8hRDZHphabHOzy/h46Crl2NrDAts5ssYrGAogX Y4Fcj3v/VXEofImQM3kDAKBpBjb/TGujngAYva8sml2/5/V7Dc ntPIHmDEJdhmQ==
Cc: "pcp@ietf.org" <pcp@ietf.org>
Subject: Re: [pcp] REQ-14 in PCP Authentication Requirements
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jul 2013 13:22:11 -0000

They can use EAP-TLS with server-side-only authentication.

On Jul 17, 2013, at 9:15 AM, Tirumaleswar Reddy (tireddy) wrote:

> I have a clarification for both the drafts - how do EAP-in-PCP, PANA solutions meet REQ-14 ?
> 
> --Tiru.
> 
>> -----Original Message-----
>> From: Dave Thaler [mailto:dthaler@microsoft.com]
>> Sent: Monday, July 15, 2013 6:03 AM
>> To: pcp@ietf.org
>> Subject: [pcp] CONSENSUS CALL on PCP security
>> 
>> The WG has discussed two approaches for using EAP with PCP:
>> direct EAP-in-PCP vs using PANA.
>> 
>> At IETF 84, we polled the room and got 5 hands for direct EAP-in-PCP
>> and 10 or 11 for PANA. There was significant confusion/disagreement
>> around requirements and proposed solutions at that time.
>> 
>> At IETF 85, we again polled the room and got a different result, this
>> time 12 hands for direct EAP-in-PCP and 6 for PANA. There was, however,
>> still significant confusion/disagreement around requirements and
>> proposed solutions.
>> 
>> Since IETF 85, we have made lots of progress on getting agreement
>> on the requirements, and draft-reddy-pcp-auth-req now seems to be
>> relatively stable without significant areas of disagreement known.
>> Discussion may of course continue if new issues are raised but we
>> believe any additional changes are unlikely to affect people's
>> position on overall solution approach, i.e. direct EAP-in-PCP vs. PANA.
>> 
>> The general sense of the WG also seems to be that either approach could be
>> made to fit the requirements, so we believe it is now time for us to
>> determine consensus (draft-resnick-on-consensus is a great read)
>> on the approach question. We know many folks would just like to
>> make a decision and move on.
>> 
>> Hence the chairs would like to ask the WG which solution direction the
>> WG should pursue in meeting the requirements. Please state your
>> recommendation on this thread, preferably along with your rationale.
>> Avoid responding on this thread to others' rationale, use a separate
>> thread as needed.
>> 
>> To help us judge consensus, please use the template below and
>> respond by SUNDAY JULY 28.
>> 
>> -Dave and Reinaldo
>> 
>> ---
>> 
>> 1) Could you *live with* EAP-in-PCP? If not, state reason you would object.
>> 
>>     <NO and state reason, or YES>
>> 
>> 2) Could you *live with* PANA? If not, state reason you would object.
>> 
>>     <NO and state reason, or YES>
>> 
>> 3) If you said yes to both 1 and 2, but have a strong preference between
>> the two, which approach do you prefer and why?
>> 
>>     <EAP-in-PCP, or PANA>.  <state reason>
>> 
> 
> _______________________________________________
> pcp mailing list
> pcp@ietf.org
> https://www.ietf.org/mailman/listinfo/pcp

v2.23.0 | Report a Bug | By Email