Re: draft-ietf-radext-digest-auth-06
Miguel Garcia <Miguel.An.Garcia@nokia.com> Tue, 18 October 2005 19:35 UTC
Envelope-to: radiusext-data@psg.com
Delivery-date: Tue, 18 Oct 2005 19:36:21 +0000
Message-ID: <43554E8A.7060207@nokia.com>
Date: Tue, 18 Oct 2005 22:35:38 +0300
From: Miguel Garcia <Miguel.An.Garcia@nokia.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax)
MIME-Version: 1.0
To: "Nelson, David" <dnelson@enterasys.com>
CC: radiusext@ops.ietf.org
Subject: Re: draft-ietf-radext-digest-auth-06
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
As far as I know version -06 is not available yet. The latest available version is -05, where the issue is still present. Once we have seen version -06 or a preliminary version I can comment. /Miguel Nelson, David wrote: > Does this resolve RADEXT Issue 138? > > >>The latest version of the draft does no longer contain a link between >>sips/https and >>RADIUS. However, the Security Considerations section names refusing >>sips/https request as one non-normative option to avoid the security >>level mismatch of sips/https and unencrypted RADIUS: >> >>"To prevent RADIUS from representing the weak link, a RADIUS >>client receiving an HTTP-style request via TLS or IPsec could use an >>equally secure connection to the RADIUS server. There are several >>ways to achieve this, for example: >> o the RADIUS client may reject HTTP-style requests received over > > TLS > >> or IPsec >> o the RADIUS client require that traffic be sent and received over >> IPsec. >>RADIUS over IPsec, if used, MUST conform to the requirements >>described in [RFC3579] section 4.2." > > -- Miguel A. Garcia tel:+358-50-4804586 sip:miguel.an.garcia@openlaboratory.net Nokia Research Center Helsinki, Finland -- to unsubscribe send a message to radiusext-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/radiusext/>
- Re: draft-ietf-radext-digest-auth-06 Miguel Garcia
- RE: draft-ietf-radext-digest-auth-06 Nelson, David
- Re: draft-ietf-radext-digest-auth-06 Emile van Bergen
- draft-ietf-radext-digest-auth-06 wolfgang.beck01@t-online.de