IETF Logo Mail Archive

Re: [radext] Proposed new charter text

Stefan Winter <stefan.winter@restena.lu> Fri, 29 May 2015 06:44 UTC

Return-Path: <stefan.winter@restena.lu>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 125261B2A59 for <radext@ietfa.amsl.com>; Thu, 28 May 2015 23:44:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.791
X-Spam-Level:
X-Spam-Status: No, score=0.791 tagged_above=-999 required=5 tests=[BAYES_50=0.8, T_RP_MATCHES_RCVD=-0.01, WEIRD_PORT=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K7ZeR4h70tlo for <radext@ietfa.amsl.com>; Thu, 28 May 2015 23:44:13 -0700 (PDT)
Received: from smtprelay.restena.lu (smtprelay.restena.lu [IPv6:2001:a18:1::62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDC191A01A8 for <radext@ietf.org>; Thu, 28 May 2015 23:44:12 -0700 (PDT)
Received: from aragorn.restena.lu (aragorn.restena.lu [IPv6:2001:a18:1:8::155]) by smtprelay.restena.lu (Postfix) with ESMTPS id 549CD43975 for <radext@ietf.org>; Fri, 29 May 2015 08:44:10 +0200 (CEST)
Message-ID: <55680ABA.1090704@restena.lu>
Date: Fri, 29 May 2015 08:44:10 +0200
From: Stefan Winter <stefan.winter@restena.lu>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: radext@ietf.org
References: <5502B836.5000100@restena.lu> <5541DB22.1070406@restena.lu>
In-Reply-To: <5541DB22.1070406@restena.lu>
OpenPGP: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="FWm3quKs61g93J4oNCLTLiVNPIxs10I0I"
Archived-At: <http://mailarchive.ietf.org/arch/msg/radext/FowNShRLT5M0GMRd1YfhSLGZe-I>
Subject: Re: [radext] Proposed new charter text
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 May 2015 06:44:15 -0000

Hello,

after Alan's plea (and noone objecting to it), let me have another go at
the CoA proxying text which is hopefully in a shape everybody can agree
to - and if not, will at least reach rough consensus.

> - CoA proxying.  RFC 5176 permits proxying of CoA and Disconnect
> messages, but makes no provisions for how that is done in a roaming
> environment.  This work item will provide descriptions of how to use
> the Operator-Name attribute in a roaming environment to proxy CoA
> packets in a way that ensures only authorized proxies can send these
> packets to the home CoA server.
> The document will be Informational, in line with the CoA document
> (RFC5176).

Please let the list know in the coming two weeks (Friday, 12 June) if
you have objections against this text.

Greetings,

Stefan Winter

> we still don't seem to have agreement on the updated charter text.
> Luckily, all the discussions revolved around one single work item, CoA
> proxying.
> 
> Some folks want the spec to tackle RFC5176's "Authorization Issues"
> security consideration, and there are ideas around this floating on the
> mailing list. Others just want to solve the routing issue, and leave the
> security issues for another document.
> 
> From the discussions on the list so far, I'm not seeing a clear
> direction, but I also don't want this to hold up the recharter.
> 
> So, may I suggest a more general text; and that we leave the exact shape
> of the document to the WG process once the document is in-charter and
> the individual draft adopted?
> 
> My suggestion would be:
> 
>> - CoA proxying.  RFC 5176 permits proxying of CoA and Disconnect
>> messages, but makes no provisions for how that is done in a roaming
>> environment.  This work item will provide descriptions of how to use the
>> Operator-Name attribute in a roaming environment to proxy CoA packets. > Depending on whether the document can tackle the security issues
>> around CoA as enumerated in RFC5176, the document will either be
>> Informational or Standards-Track.
> 
> Greetings,
> 
> Stefan Winter
> 
> 
> 
> _______________________________________________
> radext mailing list
> radext@ietf.org
> https://www.ietf.org/mailman/listinfo/radext
> 


-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

v2.23.0 | Report a Bug | By Email