draft-ietf-radext-digest-auth-06
"wolfgang.beck01@t-online.de" <wolfgang.beck01@t-online.de> Mon, 17 October 2005 10:07 UTC
Envelope-to: radiusext-data@psg.com
Delivery-date: Mon, 17 Oct 2005 10:07:43 +0000
MIME-Version: 1.0
Date: Mon, 17 Oct 2005 12:07:09 +0200
To: radiusext@ops.ietf.org
Subject: draft-ietf-radext-digest-auth-06
Cc: aboba@internaut.com, miguel.an.garcia@nokia.com
From: "wolfgang.beck01@t-online.de" <wolfgang.beck01@t-online.de>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Message-ID: <1ERRte-0ZvM9I0@fwd35.aul.t-online.de>
The latest version of the draft does no longer contain a link between sips/https and RADIUS. However, the Security Considerations section names refusing sips/https request as one non-normative option to avoid the security level mismatch of sips/https and unencrypted RADIUS: "To prevent RADIUS from representing the weak link, a RADIUS client receiving an HTTP-style request via TLS or IPsec could use an equally secure connection to the RADIUS server. There are several ways to achieve this, for example: o the RADIUS client may reject HTTP-style requests received over TLS or IPsec o the RADIUS client require that traffic be sent and received over IPsec. RADIUS over IPsec, if used, MUST conform to the requirements described in [RFC3579] section 4.2." Wolfgang -- to unsubscribe send a message to radiusext-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/radiusext/>
- Re: draft-ietf-radext-digest-auth-06 Miguel Garcia
- RE: draft-ietf-radext-digest-auth-06 Nelson, David
- Re: draft-ietf-radext-digest-auth-06 Emile van Bergen
- draft-ietf-radext-digest-auth-06 wolfgang.beck01@t-online.de