[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sterman Issue 7] Message Authenticator: Options

To: <radiusext@ops.ietf.org>
Subject: RE: [Sterman Issue 7] Message Authenticator: Options
From: "Nelson, David" <dnelson@enterasys.com>
Date: Mon, 22 Nov 2004 16:38:46 -0500

Avi Lior writes...

> -Will keywrap be ready in time?
> This is important but the authors feel that it is ready to go. 

Keywrap may well be important, to the extent that it successfully
addresses NIST certification requirements, but it includes more than
just an improved MAC, and would likely require a charter change to be in
scope (new RADIUS security methods are currently out of scope).

I think that Message-Authenticator is probably the way to go for the
Sterman draft.  More extensive security enhancements to RADIUS could be
optionally applied to digest authentication, as well as any other RADIUS
application, when and if they are standardized.

-- Dave



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: [Sterman Issue 7] Message Authenticator: Options
Next by Date: Re: [Sterman Issue 7] Message Authenticator: Options
Previous by thread: Re: [Sterman Issue 7] Message Authenticator: Options
Next by thread: RE: [Sterman Issue 7] Message Authenticator: Options
Index(es):
- Date
- Thread