IETF Logo Mail Archive

[pcp] Fwd: Comparison of PCP authentication

Subir Das <subirdas21@gmail.com> Wed, 29 August 2012 13:26 UTC

Return-Path: <subirdas21@gmail.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C79021F865B for <pcp@ietfa.amsl.com>; Wed, 29 Aug 2012 06:26:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YnBxG6coXxPx for <pcp@ietfa.amsl.com>; Wed, 29 Aug 2012 06:26:55 -0700 (PDT)
Received: from mail-vc0-f172.google.com (mail-vc0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id 534CA21F866B for <pcp@ietf.org>; Wed, 29 Aug 2012 06:26:55 -0700 (PDT)
Received: by vcbfo14 with SMTP id fo14so740400vcb.31 for <pcp@ietf.org>; Wed, 29 Aug 2012 06:26:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=7ZbIY/lez4vunwDQ82Siy3tKUa4ehJ09MNFKSkoPzCg=; b=benDINbO3ApInM46qM+TKU4iC1aH+4jCPPC23KPBeWjAbWCkybnrhRtPl8KVoScG75 h1TzmMZBf/uMgr3mCG8sfkVxvWdnuMtc+J2VWp5m2acfx31TklZkVOXGXcb/e3JjgwXm YqNvM6+vEA1UfX0RtpmDlPSOffsOLG6XipXWyhkUtLM/1ql+0mmExvXtgS75GG1z6oRm 0X6JyobfMpXZkLDP118v01PLLoLOdXFXFFsZSp0xvLND0db1+XZ/0t/ChVnkdw8rej5E zn4FVrKabRfQXufcj2vcWCOsym5XOkhoS9h90v9HjdJ5CYZ9pJf65eMRiMviMx5SuNY4 WoSg==
MIME-Version: 1.0
Received: by 10.220.150.211 with SMTP id z19mr1109497vcv.48.1346246814493; Wed, 29 Aug 2012 06:26:54 -0700 (PDT)
Received: by 10.58.155.170 with HTTP; Wed, 29 Aug 2012 06:26:54 -0700 (PDT)
In-Reply-To: <CAFb8J8opi_X8fsDZnAtMGp2bajAkqepCDyxgeyGuqzGzd9D-zQ@mail.gmail.com>
References: <9B57C850BB53634CACEC56EF4853FF653B6EC381@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <7FE144CF-00E3-4451-8CBE-A6A684DB7CC4@yegin.org> <067d01cd73fd$765a6c50$630f44f0$@com> <D6D2DEED-C35A-45AB-8B72-96195C308DB9@yegin.org> <57FF0F8E-1B86-410F-8B6B-C4893A28222F@lilacglade.org> <BB72B80F-0622-4A5B-A985-79D8AED13E0B@apple.com> <003b01cd7587$a111b760$e3352620$@com> <15990E87-2D59-49B1-845C-2A4CB5A1FBD6@lilacglade.org> <008801cd758f$3fd306e0$bf7914a0$@com> <C72CBD9FE3CA604887B1B3F1D145D05E2CE65225@szxeml528-mbx.china.huawei.com> <028801cd75d6$c5765490$5062fdb0$@com> <tsla9y4gptp.fsf@mit.edu> <04c901cd7658$37a740c0$a6f5c240$@com> <tslboikexlv.fsf@mit.edu> <054001cd765d$54c0f3e0$fe42dba0$@com> <0F259BA1-CEFF-4346-AFE5-3D33BB0CF0CC@lilacglade.org> <C72CBD9FE3CA604887B1B3F1D145D05E2CE756EE@szxeml528-mbs.china.huawei.com> <2340495D-0811-42DD-B0D3-636499A0D802@lilacglade.org> <CAFb8J8opi_X8fsDZnAtMGp2bajAkqepCDyxgeyGuqzGzd9D-zQ@mail.gmail.com>
Date: Wed, 29 Aug 2012 09:26:54 -0400
Message-ID: <CAFb8J8qsoKL+U+9YpV0wuN3yhgvncirAXc+h+XAWBX55SQPytg@mail.gmail.com>
From: Subir Das <subirdas21@gmail.com>
To: Margaret Wasserman <margaretw42@gmail.com>
Content-Type: multipart/alternative; boundary="f46d043c8224286b4204c8678370"
Cc: "pcp@ietf.org" <pcp@ietf.org>
Subject: [pcp] Fwd: Comparison of PCP authentication
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Aug 2012 13:26:56 -0000

Margaret,
I realized that I didn't copy my  mail to the mailing list.

Thanks,
-Subir

---------- Forwarded message ----------
From: Subir Das <subirdas21@gmail.com>
Date: Fri, Aug 17, 2012 at 8:29 AM
Subject: Re: [pcp] Comparison of PCP authentication
To: Margaret Wasserman <margaretw42@gmail.com>


Hi Margaret,
My recollection regarding conclusion was little different:

We will discuss  the following two PANA-based approaches and then decide:

- PANA Encapsulated in PCP
- PANA Demultiplexed with PCP on the same port

The consensus in the room  was that PANA-based approach is preferrable over
PCP specific approach. I need to look at the meeting minutes and recording
though.

regards,
_Subir

On Thu, Aug 16, 2012 at 7:38 AM, Margaret Wasserman
<margaretw42@gmail.com>wrote:

>
>
> Hi Dacheng,
>
> The conclusion from the meeting was that we will document all three
> approaches in our document:
>
> - PCP Specific
> - PANA Encapsulated in PCP
> - PANA Demultiplexed with PCP on the same port
>
> Then, we will have an interim PCP conference call to discuss the
> trade-offs and hopefully decide between them.
>
> Margaret
>
>
>
> On Aug 15, 2012, at 10:47 PM, Zhangdacheng (Dacheng) wrote:
>
> Have we got any conclusions on two approaches?  Or we can just support the
> two options in the draft for the moment and briefly compare their pros and
> cons, can we?****
> ** **
> Cheers****
> ** **
> Dcheng****
> ** **
> *From:* pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] *On Behalf Of *Margaret
> Wasserman
> *Sent:* Friday, August 10, 2012 3:21 AM
> *To:* Dan Wing
> *Cc:* pcp@ietf.org
> *Subject:* Re: [pcp] Comparison of PCP authentication****
> ** **
> ** **
> On Aug 9, 2012, at 2:32 PM, Dan Wing wrote:****
>
> ** **
>
> If I'm updating security policy on a firewall I want to be able to****
>
> audit whether that actually happened.  That requires authentication.****
>
>
> You are saying a PCP client would only want to update firewall policies
> if the PCP server supports authentication, otherwise it would tell the
> user that it cannot enable the webcam, Internet-connected NAS,
> Internet-connected printer, etc.?****
>
> ** **
> I wont presume to guess what Sam is thinking...****
> ** **
> However, I am thinking that there will be some clients  that are
> configured to perform authentication for every request.  For example, there
> is no reason for a PCP proxy, running in an environment where
> authentication is required to do a THIRD-PARTY request, to perform a
> useless round-trip for every THIRD-PARTY request it issues.  ****
> ** **
> Margaret****
> ** **
> ** **
>
>
>
> _______________________________________________
> pcp mailing list
> pcp@ietf.org
> https://www.ietf.org/mailman/listinfo/pcp
>
>

v2.23.0 | Report a Bug | By Email