Re: [radext] Review of draft-winter-radext-populating-eapidentity-01

Sam Hartman <hartmans@painless-security.com> Mon, 20 July 2015 12:25 UTC

To: Bernard Aboba <bernard_aboba@hotmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/radext/KQAUAVxFXfE5QDVNNQQ2MMrMX2E>
Cc: "radext@ietf.org" <radext@ietf.org>, "lionel.morand@orange.com" <lionel.morand@orange.com>

>>>>> "Bernard" == Bernard Aboba <bernard_aboba@hotmail.com> writes:

    Bernard> The point is that the document's recommendations are based
    Bernard> on using method specific identities to determine the
    Bernard> EAP-Response/Identity. This is fundamentally broken because
    Bernard> those identities are unrelated and the two identities need
    Bernard> not use the same formats or encodings - and as a result the
    Bernard> advice based on this incorrect assumption would result in
    Bernard> authentication failures, unacceptable delays and worse.

Bernard, at this point I'm getting somewhat frustrated, because you're
repeating yourself.
Asserting the same thing doesn't make it true.
Your understanding of the document differs from mine.
Repeating your understanding of the document will not convince me you
are right.
Instead, I'm asking you to quote the sections of the document you
believe are based on this.

--Sam