Re: Manual network access logins (Was: Re: [RAM] The mapping problem: rendezvous points?)

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 23 May 2007 08:00 UTC

To: Tony Li <tli@cisco.com>
Cc: Gert Doering <gert@Space.Net>, ram@iab.org

On 2007-05-22 21:51, Tony Li wrote:
> 
>>> Are we really boiling that corner of the ocean here?
>>
>> No, we should not be. But if people have ideas
>> about this corner of the ocean, we could talk
>> about another effort. At the moment I'm not sure
>> what more we can do technically, however. If
>> there is something, contact me off the list and
>> we can talk.
> 
> 
> I'm not an expert in this area, but isn't this type of thing already 
> addressed by 802.1x?
> 
> Even if not, it's not hard to see that we will want to have automated 
> authentication mechanisms that allow us to change networks without 
> manual intervention.  

But if the authentication is done for an ID instead of a locator,
the AAA problem is somewhat transformed, I think.

> So while we might not be there yet, this is a AAA 
> problem that someone should go off and solve.  The network architecture 
> itself should still allow for these transitions to be as seamless as 
> possible, including session migration.

Indeed. Which, for real time apps, means that the latency for any
AAA handoff needs to be pretty small. And maybe basing it on an
invariant ID would help with that.

    Brian

-- 
NEW: Preferred email for non-IBM matters: brian.e.carpenter@gmail.com
