[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: RADIUS-Mobile IP support??: RAD EXT WG Charter
s/peach/peace
>-----Original Message-----
>From: Chowdhury, Kuntal [RICH1:2H18:EXCH]
>Sent: Thursday, May 20, 2004 10:03 AM
>To: Nakhjiri Madjid-MNAKHJI1; 'Charles E. Perkins'
>Cc: Lila Madour (QA/EMC); radiusext@ops.ietf.org; Pete McCann;
>tom.hiller@lucent.com
>Subject: RE: [SPAM: Sexually Explicit] RE: RADIUS-Mobile IP
>support??: RAD EXT WG Charter
>
>
>I will not loose my peach of mind if people want to spend time
>on MIP4-RADIUS work. However, I don't see the need for it.
>
>If it is so important, then a generic (dynamic) key
>distribution mechanism with RADIUS may be of some interest to me.
>
>-Kuntal
>
>>-----Original Message-----
>>From: Nakhjiri Madjid-MNAKHJI1 [mailto:Madjid.Nakhjiri@motorola.com]
>>Sent: Thursday, May 20, 2004 9:47 AM
>>To: 'Charles E. Perkins'; Chowdhury, Kuntal [RICH1:2H18:EXCH]
>>Cc: Lila Madour (QA/EMC); Nakhjiri Madjid-MNAKHJI1;
>>radiusext@ops.ietf.org; Pete McCann; tom.hiller@lucent.com
>>Subject: RE: [SPAM: Sexually Explicit] RE: RADIUS-Mobile IP
>>support??: RAD EXT WG Charter
>>
>>
>>Hi Kuntal
>>
>>I agree what Charlie. The problems of RADIUS supporting Mobile
>>IP extensions and RADIUS hop by hop security are different.
>>Although solutions to both is required for some scenarios,
>>that is not always the case. Lets remember I am not asking
>>radext to solve all MIP security problems (if they exist).
>>If I had issues with security of MIP, I would go to MIP
>>mailing list, not this list. And for folks interested in those
>>issues, please lets meet over at MIP list!
>>I am saying MIPv4 and its key mgmt drafts as protocols being
>>standardized by IETF need support for RADIUS, which also is an
>>IETF protocol. For folks that argue 3GPP2 has done it this
>>way or the other, I should say:
>>The interoperability problems for IETF protocols "Must" be
>>resolved in IETF, not in other SDOs. What would you tell IEEE
>>folks, or APCO folks? Please go to 3GPP32 for the second half
>>of the solution?
>>
>>IETF AAA community has acknowledged RADIUS problems and solved
>>many of those in Diameter, but Diameter has a small deployment
>>base, please show me a Diameter vendor that supports all IETF
>>specs and I may just go buy from them.
>>The problem is people are stuck with RADIUS for a while and if
>>you are using Mobile IP, problems needs to be solved.
>>
>>I can understand the group might be having a pressing charter,
>>but I don't buy the argument of "there is no need because
>>3GPP2 has done it since 2000". Technology grows!
>>
>>Regards,
>>
>>Madjid
>>
>>
>>-----Original Message-----
>>From: Charles E. Perkins [mailto:charliep@iprg.nokia.com]
>>Sent: Wednesday, May 19, 2004 7:50 PM
>>To: Kuntal Chowdhury
>>Cc: Lila Madour (QA/EMC); Nakhjiri Madjid-MNAKHJI1;
>>radiusext@ops.ietf.org; Pete McCann; tom.hiller@lucent.com
>>Subject: Re: [SPAM: Sexually Explicit] RE: RADIUS-Mobile IP
>>support??: RADEXT WG Charter
>>
>>
>>Hello Kuntal,
>>
>>> Kuntal Chowdhury wrote:
>>>
>>>We cannot assume that the HA and the HAAA server SHALL always
>>be in the
>>>same administrative domain.
>>>
>>That means another solution is required for expanded
>>applicability. It doesn't mean that the offered solution is
>>inappropriate for its domain of applicability.
>>
>>> Moreover, for RADIUS, every proxy in the PATH will
>>>see the MN-HA shared secret.
>>>
>>>
>>Well, since the secret didn't exist at all anyway until the
>>AAAH created it, I don't see the big deal here. If there is
>>some worry, then:
>>(a) use a shorter lifetime and/or
>>(b) use another key when moving to another domain
>>
>>>Again, this issue should be discussed with security area folks.
>>>
>>>
>>They've looked at it pretty close a few dozen
>>times by now I reckon.
>>
>>Regards,
>>Charlie P.
>>
>
>--
>to unsubscribe send a message to
>radiusext-request@ops.ietf.org with the word 'unsubscribe' in
>a single line as the message text body.
>archive: <http://psg.com/lists/radiusext/>
>
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>