AW: AW: RADEXT Milestone revisions

["Tschofenig, Hannes" <hannes.tschofenig@siemens.com>]

Hi Alan, 

> "Tschofenig, Hannes" <hannes.tschofenig@siemens.com> wrote:
> > ok. that's a different story. i remember these two proposals. what i
> > disliked with them was that they do not provide a solution 
> for dynamic
> > authentication and key management. why isn't something tackling this
> > issue?
> 
>   Bob Moscowitz and I came up with something related a few years back:
> 
>   http://www3.ietf.org/proceedings/03nov/slides/radext-4.pdf
> 
>   I'll try to find a draft of the document, too.  It never went
> anywhere, though.

This work tried to accomplish a different goal. It tried to develop a
solution for initial enrollment between the RADIUS client and the RADIUS
server if they are in the same administrative domain. BUT: The problem
we are dealing with appears if you consider cases where the RADIUS
client and the RADIUS server are in different administrative domains. 

> 
>   There was also the Kerberos & RADIUS draft, but I can't find a link
> to it, either.

Interesting. I think I don't know this one. 


In the first place I wanted to better understand the problem that needs
to be solved. 

Ciao
Hannes

> 
>   Alan DeKok.
> 
> --
> to unsubscribe send a message to radiusext-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>