AW: [SECMECH] Desire to standardize some specific EAP mechanisms
"Tschofenig, Hannes" <hannes.tschofenig@siemens.com> Fri, 15 July 2005 07:32 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DtKgd-00064T-7N; Fri, 15 Jul 2005 03:32:43 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DtKgb-00064L-53 for secmech@megatron.ietf.org; Fri, 15 Jul 2005 03:32:41 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA10369 for <secmech@ietf.org>; Fri, 15 Jul 2005 03:32:39 -0400 (EDT)
Received: from lizzard.sbs.de ([194.138.37.39]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1DtL9M-00046o-Un for secmech@ietf.org; Fri, 15 Jul 2005 04:02:25 -0400
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by lizzard.sbs.de (8.12.6/8.12.6) with ESMTP id j6F7WQrj024941; Fri, 15 Jul 2005 09:32:27 +0200
Received: from fthw9xpa.ww002.siemens.net (fthw9xpa.ww002.siemens.net [157.163.133.222]) by mail2.sbs.de (8.12.6/8.12.6) with ESMTP id j6F7WQWh011119; Fri, 15 Jul 2005 09:32:26 +0200
Received: from MCHP7IEA.ww002.siemens.net ([139.25.131.146]) by fthw9xpa.ww002.siemens.net with Microsoft SMTPSVC(6.0.3790.0); Fri, 15 Jul 2005 09:35:49 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: AW: [SECMECH] Desire to standardize some specific EAP mechanisms
Date: Fri, 15 Jul 2005 09:32:23 +0200
Message-ID: <ECDC9C7BC7809340842C0E7FCF48C393421E16@MCHP7IEA.ww002.siemens.net>
Thread-Topic: [SECMECH] Desire to standardize some specific EAP mechanisms
Thread-Index: AcWIviSj48xInkznSyCFC+G1ztZ6swAURcvQ
From: "Tschofenig, Hannes" <hannes.tschofenig@siemens.com>
To: Sam Hartman <hartmans-ietf@mit.edu>, secmech@ietf.org
X-OriginalArrivalTime: 15 Jul 2005 07:35:49.0796 (UTC) FILETIME=[D26F6E40:01C5890F]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 92df29fa99cf13e554b84c8374345c17
Content-Transfer-Encoding: quoted-printable
Cc:
X-BeenThere: secmech@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security mechanisms BOF <secmech.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/secmech>
List-Post: <mailto:secmech@lists.ietf.org>
List-Help: <mailto:secmech-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=subscribe>
Sender: secmech-bounces@lists.ietf.org
Errors-To: secmech-bounces@lists.ietf.org
hi sam, it seems that you already have some eap methods in mind that you would like to standardize. can you tell us more? ciao hannes > -----Ursprüngliche Nachricht----- > Von: secmech-bounces@lists.ietf.org > [mailto:secmech-bounces@lists.ietf.org] Im Auftrag von Sam Hartman > Gesendet: Donnerstag, 14. Juli 2005 22:37 > An: secmech@ietf.org > Betreff: [SECMECH] Desire to standardize some specific EAP mechanisms > > > > > Comments from the EAP chairs and the IESG suggest there is a strong > desire to standardize some specific EAP mechanisms probably before the > GUAM work is done. > > I think this might be doable particularly if the EAP mechanisms > standardized are things like eap-tls where there are already > alternatives for other frameworks. The issue is simply one of timing. > > The original proposal was to do that work in the EAP working group and > to (depending on BOF results) spin up secmech to do the more general > work. > > I'm uncomfortable with that work being done outside the security area. > I'm also uncomfortable with two ongoing parallel efforts without > strong coordination. > > I propose that if we want to take that approach we standardize the > specific mechanisms in the secmech group along with doing the more > general work. For timing reasons we might even need to prioritize > some of the EAP work. I think there are many advantages to doing so: > > 1) We become more familiar with the requirements of EAP and > the same group of people doing general work get specific > practical experience. > > 2) Since the same group of people are doing both the general and > specific work you are likely to get better sanity checking across > the projects. > > 3) You make sure the efforts don't diverge. > > 4) You leverage security review experience from the GSS and SASL > comnunities and practical deployment experience from the > EAP community. > > If we take that approach, two things need to happen. First, we need > to get a specific set of mechanisms to standardize early into the > charter. Second, we would need at least one int-area chair--possibly > one of the existing EAP chairs if willing to serve--by the time a WG > is chartered. > > Thanks for your consideration, > > --Sam > > > _______________________________________________ > SECMECH mailing list > SECMECH@lists.ietf.org > https://www1.ietf.org/mailman/listinfo/secmech > _______________________________________________ SECMECH mailing list SECMECH@lists.ietf.org https://www1.ietf.org/mailman/listinfo/secmech
- AW: [SECMECH] Desire to standardize some specific… Tschofenig, Hannes