RE: Comments on draft-carroll-dynmobileip-cdma-04.txt
Carroll, Christopher P. <mailto:Christopher.Carroll@ropesgray.com>
supposedly scribbled:
> Hi Glen,
>
> I find your request somewhat extreme.
It wasn't really a serious request, more an observation. The
document misuses RADIUS in the worst way (whether through ignorance
or arrogance is of little consequence) & to state that the document
in question shouldn't be used as a model is the weakest possible
statement.
> However, I would like to
> believe that your opinions are not influenced by Cisco's Mobile IP
> key distribution product entitled "Mobile IP Dynamic Security
> Association and Key Distribution" which is interestingly similar in
> title and purpose to the present draft.
I'm unfamiliar with that product (document? draft? Can you supply a
reference?) but you may rest assured that if it is similar in technique
to yours my criticism would be just as vehement.
>
> Regards,
>
> chris
>
>
>> -----Original Message-----
>> From: Glen Zorn (gwz) [mailto:gwz@cisco.com]
>> Sent: Monday, March 14, 2005 2:20 PM
>> To: 'Avi Lior'; 'Nelson, David'; 'Frank Quick'; 'Alan DeKok'; 'W.
>> Mark Townsley'
>> Cc: 'Jari Arkko'; 'Barney Wolff'; 'Thomas Narten';
>> Carroll, Christopher P.; gerry.flynn@verizonwireless.com;
>> radiusext@ops.ietf.org
>> Subject: RE: Comments on draft-carroll-dynmobileip-cdma-04.txt
>>
>> Avi Lior <> supposedly scribbled:
>>
>> This document is practically a textbook example of how _not_ to use
>> RADIUS. Can the note say that?
>>
>>> I support David's approach.
>>>
>>>> -----Original Message-----
>>>> From: Nelson, David [mailto:dnelson@enterasys.com]
>>>> Sent: Monday, March 14, 2005 1:32 PM
>>>> To: Frank Quick; Alan DeKok; Avi Lior; W. Mark Townsley
>>>> Cc: Jari Arkko; Barney Wolff; Thomas Narten; Carroll, Christopher
>>>> P.; gerry.flynn@verizonwireless.com; radiusext@ops.ietf.org
>>>> Subject: RE: Comments on draft-carroll-dynmobileip-cdma-04.txt
>>>>
>>>>
>>>> Frank Quick writes...
>>>>
>>>>> This sounds very reasonable, but I think it actually goes beyond
>>>>> the context of this draft. I believe there is no clear statement
>>>>> of this policy that the draft can reference, and it is not a good
>>>>> idea for a draft of this nature to create new policy. For this
>>>>> draft maybe it is enough that we state that RFC 2865 forbids VSA
>>>>> in Access-Reject, and that future work should consider using
>>>>> Access-Challenge instead. That would avoid having to discuss the
>>>>> semantics issue in the draft.
>>>>
>>>> It is apparent that there is some disagreement within the RADIUS
>>>> community within IETF about the usage of Access-Reject. The areas
>>>> of disagreement cover whether Access-Reject implies link-layer
>>>> disconnect and when Access-Reject or Access-Challenge is
>>>> appropriate (or permissible). In RADEXT, we have added this set
>>>> of issues to be considered in our RADIUS Issues and Fixes I-D.
>>>> Given this lack of clear consensus, it might be advisable to craft
>>>> an IESG note along the lines that Frank describes. Future RFCs
>>>> may provide more definitive guidance in this area. Understanding
>>>> that, it is appropriate to discourage new work using *this*
>>>> document as a precedent.
>>
Hope this helps,
~gwz
Why is it that most of the world's problems can't be solved by
simply listening to John Coltrane? -- Henry Gabriel
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>