[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue: 802.1X dependency

To: "Bernard Aboba" <bernard_aboba@hotmail.com>, <radiusext@ops.ietf.org>
Subject: RE: Issue: 802.1X dependency
From: "Congdon, Paul T (ProCurve)" <paul.congdon@hp.com>
Date: Fri, 14 Apr 2006 10:31:28 -0700


This looks good to me 

> -----Original Message-----
> From: owner-radiusext@ops.ietf.org 
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Bernard Aboba
> Sent: Wednesday, April 12, 2006 10:29 AM
> To: radiusext@ops.ietf.org
> Subject: Issue: 802.1X dependency
> 
> Description of issue: 802.1X dependency
> Submitter name: Bernard Aboba
> Submitter email address: aboba@internaut.com Date first 
> submitted: April 12th, 2006
> Reference: n/a
> Document: draft-ietf-radext-vlan-02
> Comment type: 'E'ditorial
> Priority: S
> Section: Abstract, 1, 6
> Rationale/Explanation of issue:
> 
> The VLAN and priority attributes are usable for provisioning 
> of access to IEEE 802 local area networks.  There is no 
> explicit IEEE 802.1X dependency in the document.  For 
> example, the attributes can be used with IEEE 802 
> technologies that do not implement IEEE 802.1X, such as IEEE 802.16k.
> 
> Therefore I do not believe that IEEE 802.1X should be listed 
> as a normative reference.  Also, the goal should be larger 
> than just supporting 802.1X deployments, it should be to 
> support access to IEEE 802 local area networks.
> 
> The proposed changes are as follows:
> 
> Change the Appendix from:
> 
> "   This document proposes additional RADIUS (Remote 
> Authentication Dial
>    In User Service) attributes for dynamic Virtual LAN assignment and
>    prioritization, for use by IEEE 802.1X authenticators.  These
>    attributes are usable within either RADIUS or Diameter."
> 
> To:
> 
> "  This document proposes additional RADIUS (Remote 
> Authentication Dial
>    In User Service) attributes for dynamic Virtual LAN assignment and
>    prioritization, for use in provisioning of access to IEEE 802 local
>    area networks.  These attributes are usable within either RADIUS or
>    Diameter."
> 
> Change Section 1 from:
> 
> "  IEEE 802.1X [IEEE-802.1X] provides "network port 
> authentication" for
>    IEEE 802 [IEEE-802] media, including Ethernet [IEEE-802.3], Token
>    Ring and 802.11 wireless LANs [IEEE-802.11][IEEE-802.11i].
> 
>    This document describes Virtual LAN (VLAN) and re-prioritization
>    attributes that may prove useful for provisioning of access to IEEE
>    802 local area networks with the Remote Authentication Dialin User
>    Service (RADIUS).
> 
>    While [RFC3580] enables support for VLAN assignment based on the
>    tunnel attributes defined in [RFC2868], it does not provide support
>    for a more complete set of VLAN functionality as defined by
>    [IEEE-802.1Q].  The attributes defined in this document provide
>    support within RADIUS analogous to the management 
> variables supported
>    in [IEEE-802.1Q] and MIB objects defined in [RFC4363].  In 
> addition,
>    this document enables support for a wider range of [IEEE-802.1X]
>    configurations."
> 
> To:
> 
> "  This document describes Virtual LAN (VLAN) and re-prioritization
>    attributes that may prove useful for provisioning of access to IEEE
>    802 local area networks [IEEE-802] with the Remote Authentication
>    Dialin User Service (RADIUS).
> 
>    While [RFC3580] enables support for VLAN assignment based on the
>    tunnel attributes defined in [RFC2868], it does not provide support
>    for a more complete set of VLAN functionality as defined by
>    [IEEE-802.1Q].  The attributes defined in this document provide
>    support within RADIUS analogous to the management 
> variables supported
>    in [IEEE-802.1Q] and MIB objects defined in [RFC4363].  In 
> addition,
>    this document enables support for a wider range of [IEEE-802.1X]
>    configurations."
> 
> In Section 1.1, delete the definition of authenticator, since 
> the word is no longer used in the document.
> 
> Change the first paragraph of Section 6 from:
> 
> "  This specification describes the use of RADIUS for purposes of
>    authentication, authorization and accounting in networks supporting
>    [IEEE 802.1X].   Threats and security issues for this 
> application are
>    described in [RFC3579] and [RFC3580]; security issues 
> encountered in
>    roaming are described in [RFC2607]."
> 
> To:
> 
> "  This specification describes the use of RADIUS for purposes of
>    authentication, authorization and accounting in IEEE 802 local area
>    networks.  Threats and security issues for this application are
>    described in [RFC3579] and [RFC3580]; security issues 
> encountered in
>    roaming are described in [RFC2607]."
> 
> Move the reference to 802.1X from normative to informative.  
> Delete references to 802.3, 802.11 and 802.11i.
> 
> 
> 
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RADEXT WG last call on VLAN and Priority Document
Next by Date: Issue 188: Delegated Prefix NITs
Previous by thread: Issue: 802.1X dependency
Next by thread: I-D ACTION:draft-ietf-radext-vlan-03.txt
Index(es):
- Date
- Thread