
RE: RADIUS keywrap attributes



> If we can agree that this is a work item for this group, then we can
> discuss the merits of the different proposed approaches by either
> draft-zorn-radius-keywrap-08.txt or your newly proposed
> draft-aboba-radext-wlan-00.txt and make progress on this particular
> requirement.

I believe that the issue of keywrap is within the scope of the RADEXT WG 
charter, so that discussing it on the RADEXT WG mailing list is 
appropriate. 

> We can always determine the criteria for IESG approval as well but that
> should not stall our progress in addressing this requirement.

I agree that we should not wait to move forward, but past history shows 
that getting IESG input early on is likely to avoid a lot of pain down the 
road. 

The original RADIUS WG was not permitted to work on RADIUS keywrap 
attributes, and that is why the VSAs documented in RFC 2548 needed to be 
developed. 

Prior to the approval of RFC 4004 (Diameter MIP) and RFC 4072 (Diameter 
EAP), the IETF had not published any AAA key management documents 
developed by an IETF WG as RFCs; both of these documents took more than 5 
years to go from an initial submission to publication as RFCs. 

In order to avoid the problems that have been experienced in the past, 
it would be nice to know what criteria are believed to apply to the 
work beforehand, so that we don't go through a lot of effort only to find 
out that the document is unacceptable to the IESG, requiring years of 
rework. 

My understanding is that all AAA key management documents submitted for 
publication as RFCs need to meet the criteria established in:
http://www.ietf.org/internet-drafts/draft-housley-aaa-key-mgmt-00.txt

However, given that RADIUS is a mature, widely deployed protocol, there 
are practical limits on the scale of changes that can be made in order to 
meet these criteria. 

--
archive: <http://psg.com/lists/radiusext/>