[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: RADIUS-Mobile IP support??: RAD EXT WG Charter

To: "'Kuntal Chowdhury'" <chowdury@nortelnetworks.com>
Subject: RE: RADIUS-Mobile IP support??: RAD EXT WG Charter
From: Nakhjiri Madjid-MNAKHJI1 <Madjid.Nakhjiri@motorola.com>
Date: Thu, 20 May 2004 11:13:34 -0500
Cc: radiusext@ops.ietf.org

A peach in mind is not a bad thing maybe, I like the smell :)


-----Original Message-----
From: Kuntal Chowdhury [mailto:chowdury@nortelnetworks.com]
Sent: Thursday, May 20, 2004 10:35 AM
To: Nakhjiri Madjid-MNAKHJI1; 'Charles E. Perkins'
Cc: Lila Madour (QA/EMC); radiusext@ops.ietf.org; Pete McCann;
tom.hiller@lucent.com
Subject: RE: RADIUS-Mobile IP support??: RAD EXT WG Charter


s/peach/peace

>-----Original Message-----
>From: Chowdhury, Kuntal [RICH1:2H18:EXCH] 
>Sent: Thursday, May 20, 2004 10:03 AM
>To: Nakhjiri Madjid-MNAKHJI1; 'Charles E. Perkins'
>Cc: Lila Madour (QA/EMC); radiusext@ops.ietf.org; Pete McCann; 
>tom.hiller@lucent.com
>Subject: RE: [SPAM: Sexually Explicit] RE: RADIUS-Mobile IP 
>support??: RAD EXT WG Charter
>
>
>I will not loose my peach of mind if people want to spend time 
>on MIP4-RADIUS work. However, I don't see the need for it. 
>
>If it is so important, then a generic (dynamic) key 
>distribution mechanism with RADIUS may be of some interest to me.
>
>-Kuntal
>
>>-----Original Message-----
>>From: Nakhjiri Madjid-MNAKHJI1 [mailto:Madjid.Nakhjiri@motorola.com]
>>Sent: Thursday, May 20, 2004 9:47 AM
>>To: 'Charles E. Perkins'; Chowdhury, Kuntal [RICH1:2H18:EXCH]
>>Cc: Lila Madour (QA/EMC); Nakhjiri Madjid-MNAKHJI1; 
>>radiusext@ops.ietf.org; Pete McCann; tom.hiller@lucent.com
>>Subject: RE: [SPAM: Sexually Explicit] RE: RADIUS-Mobile IP 
>>support??: RAD EXT WG Charter
>>
>>
>>Hi Kuntal
>>
>>I agree what Charlie. The problems of RADIUS supporting Mobile
>>IP extensions and RADIUS hop by hop security are different. 
>>Although solutions to both is required for some scenarios, 
>>that is not always the case. Lets remember I am not asking 
>>radext to solve all MIP security problems (if they exist). 
>>If I had issues with security of MIP, I would go to MIP 
>>mailing list, not this list. And for folks interested in those 
>>issues, please lets meet over at MIP list! 
>>I am saying MIPv4 and its key mgmt drafts as protocols being 
>>standardized by IETF need support for RADIUS, which also is an 
>>IETF protocol.  For folks that argue 3GPP2 has done it this 
>>way or the other, I should say: 
>>The interoperability problems for IETF protocols "Must" be 
>>resolved in IETF, not in other SDOs. What would you tell IEEE 
>>folks, or APCO folks? Please go to 3GPP32 for the second half 
>>of the solution?
>>
>>IETF AAA community has acknowledged RADIUS problems and solved
>>many of those in Diameter, but Diameter has a small deployment 
>>base, please show me a Diameter vendor that supports all IETF 
>>specs and I may just go buy from them. 
>>The problem is people are stuck with RADIUS for a while and if 
>>you are using Mobile IP, problems needs to be solved.
>>
>>I can understand the group might be having a pressing charter,
>>but I don't buy the argument of "there is no need because 
>>3GPP2 has done it since 2000". Technology grows!
>>
>>Regards,
>>
>>Madjid
>>
>>
>>-----Original Message-----
>>From: Charles E. Perkins [mailto:charliep@iprg.nokia.com]
>>Sent: Wednesday, May 19, 2004 7:50 PM
>>To: Kuntal Chowdhury
>>Cc: Lila Madour (QA/EMC); Nakhjiri Madjid-MNAKHJI1;
>>radiusext@ops.ietf.org; Pete McCann; tom.hiller@lucent.com
>>Subject: Re: [SPAM: Sexually Explicit] RE: RADIUS-Mobile IP 
>>support??: RADEXT WG Charter
>>
>>
>>Hello Kuntal,
>>
>>> Kuntal Chowdhury wrote:
>>>
>>>We cannot assume that the HA and the HAAA server SHALL always
>>be in the
>>>same administrative domain.
>>>
>>That means another solution is required for expanded
>>applicability. It doesn't mean that the offered solution is 
>>inappropriate for its domain of applicability.
>>
>>> Moreover, for RADIUS, every proxy in the PATH will
>>>see the MN-HA shared secret.
>>>  
>>>
>>Well, since the secret didn't exist at all anyway until the
>>AAAH created it, I don't see the big deal here. If there is 
>>some worry, then:
>>(a) use a shorter lifetime and/or
>>(b) use another key when moving to another domain
>>
>>>Again, this issue should be discussed with security area folks.
>>>  
>>>
>>They've looked at it pretty close a few dozen
>>times by now I reckon.
>>
>>Regards,
>>Charlie P.
>>
>
>--
>to unsubscribe send a message to 
>radiusext-request@ops.ietf.org with the word 'unsubscribe' in 
>a single line as the message text body.
>archive: <http://psg.com/lists/radiusext/>
>

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: RADIUS-Mobile IP support??: RAD EXT WG Charter
Next by Date: RE: RADIUS-Mobile IP support??: RADEXT WG Charter
Previous by thread: RE: RADIUS-Mobile IP support??: RAD EXT WG Charter
Index(es):
- Date
- Thread