Re: [radext] #148: Review of dynamic-discovery by Jim Schaad

[Stefan Winter <stefan.winter@restena.lu>]

Hi,

> I'm missing something here.  I'm not arguing that eduroam should use
> certificate validation. I'm simply arguing that there should be a MTI
> certificate validation strategy.  We're documenting a generic mechanism
> here, not eduroam practice, right?  I agree we want eduroam to comply
> with the spec, but an MTI security mechanism you choose not to use in
> your enviroment doesn't violate the spec.

My issue is not that the MTI mechanism would not be identical to what
eduroam does; far from it.

My issue is that this particular mechanism is known to have scalability
issues by practical experimentation. Of course we could make it MTI
anyway. The consequence might well be that we require code in conforming
servers that is later "never" used because its practical implications
are clumsy.

That would be "specifying MTI for MTI's sake" - without much real value
in the real world, and code being written for no reason other than to
comply with the "law". I don't really like that situation.

Of course our scalability problems could be entirely homemade and not
applicable to the rest of the world, and every other deployer will find
the MTI mechanism as sketched perfectly fine, and the implementation
code will be put to good use.

Then I'd have no issues with specifying this; eduroam would simply be
doing its own thing anyway. It's just that I'm not really convinced that
this is the case.

Greetings,

Stefan

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473