Re: [SECMECH] AAA requirement for middleware

Sam Hartman <hartmans-ietf@mit.edu> Sun, 26 June 2005 20:06 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DmdOK-0004rr-IG; Sun, 26 Jun 2005 16:06:08 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DmdOI-0004pK-Vv for secmech@megatron.ietf.org; Sun, 26 Jun 2005 16:06:07 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA09461 for <secmech@ietf.org>; Sun, 26 Jun 2005 16:06:04 -0400 (EDT)
Received: from stratton-three-fifty-seven.mit.edu ([18.187.6.102] helo=carter-zimmerman.mit.edu) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DmdnI-0001fP-NB for secmech@ietf.org; Sun, 26 Jun 2005 16:31:57 -0400
Received: by carter-zimmerman.mit.edu (Postfix, from userid 8042) id B1027E0063; Sun, 26 Jun 2005 16:06:00 -0400 (EDT)
To: Josh Howlett <Josh.Howlett@bristol.ac.uk>
Subject: Re: [SECMECH] AAA requirement for middleware
References: <Pine.GSO.4.44.0506232014570.2267-100000@shark.cse.bris.ac.uk>
From: Sam Hartman <hartmans-ietf@mit.edu>
Date: Sun, 26 Jun 2005 16:06:00 -0400
In-Reply-To: <Pine.GSO.4.44.0506232014570.2267-100000@shark.cse.bris.ac.uk> (Josh Howlett's message of "Fri, 24 Jun 2005 11:05:34 +0100 (BST)")
Message-ID: <tslpsu8993r.fsf@cz.mit.edu>
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 1ac7cc0a4cd376402b85bc1961a86ac2
Cc: secmech@ietf.org
X-BeenThere: secmech@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security mechanisms BOF <secmech.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/secmech>
List-Post: <mailto:secmech@lists.ietf.org>
List-Help: <mailto:secmech-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/secmech>, <mailto:secmech-request@lists.ietf.org?subject=subscribe>
Sender: secmech-bounces@lists.ietf.org
Errors-To: secmech-bounces@lists.ietf.org

Well, there's a significant problem with that.  EAP has a rather
narrow applicability statement and general middleware falls outside
that statement.

One of the goals of the secmech effort is to set up the security
frameworks so that you could use an arbitrary mechanism both for AAA
and for other purposes.

I don't think extending EAP to those other frameworks is the right
solution.  I do think that making it possible to use cross-realm AAA
is a requirement.

--Sam


_______________________________________________
SECMECH mailing list
SECMECH@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/secmech