[Fwd: Re: DISCUSS: draft-ietf-radext-tcp-transport]

Alan DeKok <aland@deployingradius.com> Thu, 20 May 2010 11:41 UTC

Message-ID: <4BF51ED5.1070200@deployingradius.com>
Date: Thu, 20 May 2010 13:36:53 +0200
From: Alan DeKok <aland@deployingradius.com>
To: 'radext mailing list' <radiusext@ops.ietf.org>
Subject: [Fwd: Re: DISCUSS: draft-ietf-radext-tcp-transport]

--- Begin Message ---
Ralph Droms wrote:
> Discuss:
> This Discuss is related to Tim's Discuss.  This text:
> 
>    "Bare" TCP transport MAY, however, be used when another method such
>    as IPSec [RFC4301] is used to provide additional confidentiality and
>    security.  Should experience show that such deployments are useful,
>    this specification could be moved to standards track.
>  
> is confusing.  Why would experience with "bare" TCP or IPSec TCP cause draft-ietf-radext-tcp-transport to progress to Standards Track?

  The wording was the suggestion of another IESG review...

> Similarly, from the Abstract:
> 
>    It [draft-ietf-radext-tcp-transport-06.txt] is not intended
>    to define TCP as a transport protocol for RADIUS in the absence of
>    TLS.
> 
> while several of the motivations for RADIUS over TCP in section 1.1 are not specific to RADIUS with TLS.

  Yes.  The widespread adoption of DTLS is recent.  Implementations
chose TLS for RADIUS transport because it was widely available.
Choosing TLS required TCP transport, hence this document.

  I suggest adding text to that section:

...
The choice of TCP as a transport protocol is largely driven by the
desire to improve the security of RADIUS by using RADIUS over TLS.
For practical reasons, the transport protocol (TCP) is defined
separately from the security mechanism (TLS).
...


  Alan DeKok.


--- End Message ---