[pcp] Authentication scenarios (was Re: PANA implementations to consider)

Alper Yegin <alper.yegin@yegin.org> Mon, 17 September 2012 08:02 UTC

To: Margaret Wasserman <margaretw42@gmail.com>
Cc: pcp@ietf.org

>> I'd like to first understand how the client-side decides when to use authentication, and when not to?
>> Can you, or someone, explain that? Once I understand the scenarios we are trying to cover, I can come back and answer your question.
> 
> There are two cases we have considered where PCP clients may send authenticated PCP requests:
> 
> (1) Cases where the client sends an unauthenticated request and is told that authentication is required, so it retries with an authenticated request.  
> 
> (2) Cases where the client initially attempts to send an authenticated request.
> 
> In the first case, the PCP Server will (we hope :-)) not return the "authentication required" error if it doesn't actually support authentication. But, in the second case, a client may try to send an authenticated request to a PCP Server that does not support authentication. Obviously, an error will result, but we want to be certain that the error can be properly detected and returned to the user, so that the user can understand what went wrong.
> 


A few questions:

- Why is there an unauthenticated case? Or, under what real-life scenarios would authentication be necessary? And under what real-life scenarios would authentication be unnecessary? 

- If authentication is optional, is it the client's preference to use it, or the network's? Would the client ever attempt to use it w/o knowing the network's preference? Would it bail out if the network does not support/use it?

- Are we talking about optional to use or optional to implement? You mentioned "PCP Server that does not support authentication".


Thanks.

Alper




> Margaret
> 
>