
AW: RADEXT Milestone revisions



hi david, 

thanks for the quick reply. 

> Hannes Tschofenig writes...
>  
> > what do you mean by crypto-agility?
> 
> Generally speaking, it means the ability to treat cipher suites as
> modular components of protocols such that they can be changed without
> major upheaval to the protocol.  For example, the recent concerns over
> attacks against certain applications for hash functions used in IETF
> protocols, as discussed in SAAG.  More specifically, it means
> changes/extensions to RADIUS to allow a system using RADIUS to obtain
> FIPS-140 certification.

i know about these activities. i wasn't quite sure how it affects the 
http://www.ietf.org/internet-drafts/draft-aboba-radext-wlan-01.txt
document. 

maybe i haven't paid enough attention to this document. i actually do
not quite understand its background. the abstract says:

This document proposes additional attributes for use by
IEEE 802.11 authenticators.  The attributes defined in this document
are compatible with those used within Diameter EAP.
http://www.ietf.org/internet-drafts/draft-aboba-radext-wlan-01.txt

how does this relate to existing deployment? aren't we a little bit late
specifying these attributes (although i think they are very useful).

btw, the abstract does not seem to be in line with section 4. the abstract
says:

"
The attributes defined in this document
are compatible with those used within Diameter EAP.
"

section 4 says:  
"
EAP-Key-Name attribute is already defined as a RADIUS attribute within
Diameter EAP 
New attributes not previously defined in Diameter EAP include EAP-
   Peer-ID, EAP-Server-ID, Allowed-SSID, Allowed-Called-Station-ID, and
   Mobility-Domain-ID. 
"

> 
> > > The desired goal would be to complete the split and have new
> > > -00 documents submitted by the -00 deadline of Monday, February
> > > 27.  This is a bit aggressive.
> 
> > extremely aggressive :-)
> 
> Yes, perhaps.  We were waiting for formal approval from the ADs prior
> to announcing the document splits.  OTOH, the initial split is,
> conceptually at least, a large cut and paste operation.

where do you see the main benefit of the document split with regard to
meeting the deadlines? 
maybe because you want to see new document editors? 


ciao
hannes

> 
> 
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 
