[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sterman Issue 7] Message Authenticator: Options

To: "'Avi Lior'" <avi@bridgewatersystems.com>, <jari.arkko@piuha.net>
Subject: RE: [Sterman Issue 7] Message Authenticator: Options
From: "Glen Zorn \(gwz\)" <gwz@cisco.com>
Date: Mon, 22 Nov 2004 14:43:27 -0800
Cc: <radiusext@ops.ietf.org>
In-reply-to: <F17FB067A86B2D488382C923C532EAA7024A4DD3@exch01.bridgewatersys.com>
Reply-to: <gwz@cisco.com>

Avi Lior <> wrote:

...

>> Also, should RADIUS Digest go through unmodified, standard RADIUS
>> proxies? If so, how would they be aware of a new AVP that they
need
>> to process?
> 
> Yes that would be a problem.  They wouldn't be aware of it. So
there
> is that issue as well. 

So, does this mean that as far as the IETF is concerned RADIUS
security is good enough, forever (I assume that this reasoning was
at least in part behind the injunction against 'new security
methods' in the charter)?

~gwz

Why is it that most of the world's problems can't be solved by
simply
  listening to John Coltrane? -- Henry Gabriel

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- RE: [Sterman Issue 7] Message Authenticator: Options
  - From: Avi Lior <avi@bridgewatersystems.com>

Prev by Date: RE: Progress on RADIUS Extension for Digest Authentication
Next by Date: RE: [Sterman Issue 7] Message Authenticator: Options
Previous by thread: RE: [Sterman Issue 7] Message Authenticator: Options
Next by thread: RE: [Sterman Issue 7] Message Authenticator: Options
Index(es):
- Date
- Thread