RE: Meaning of "backward compatible" WAS RE: Consensus Call on RADEXT WG re-charter



owner-radiusext@ops.ietf.org <> scribbled on Thursday, April 17, 2008
1:07 AM:

> Matt Holdrege writes...
> 
>> OK, that's fine, but then if *real* RADIUS clients aren't really a
>> part of this effort, then why is it in this WG?
> 
> Hmmm.  Because the WG isn't limited to considering only RADIUS
> extensions that [primarily] impact the NAS?

Hmmm.  Since _everything_ has to change, how can you say that?

> 
>> I assume you have some reason for not using IETF recommended IPsec to
>> secure proxy-to-proxy data?
> 
> That issue has been discussed.  There are implementations and
> deployments of RADIUS over IPsec.  The thing that some folks
> don't like about IPsec is that it's a Layer 3 protocol and
> isn't visible to applications at Layer 4 (e.g.
> at the socket interface) the way TLS is.
> 
>> If so, why don't you create another proxy-server to proxy-server
>> encryption protocol?
> 
> One could claim that RADSEC neatly fills that bill.

Conceptually, yes; it's nowhere near fully baked from a standards POV
IMHO, but it (or something very similar) has been working in very large
commercial roaming networks for a very long time.  BTW (since it doesn't
seem to have gotten through to some people) let me say it again: I am
not & never have been opposed to the standardization of RadSec.  I think
that it's a mistake to undertake the task in this WG (not least of all
because of an obvious antagonism to innovation on the part of some
members) but since the tide of opinion seems to be to do that it's fine.
I AM REALLY OPPOSED TO BS, however & I don't really understand this
manic grasping at straws to claim RadSec's "backward compatibility", to
the point that now we have 'if you used this interface when you wrote
your code (as opposed to the easy, obvious one) then it's really almost
the same but not quite'.  Please.

...



--
archive: <http://psg.com/lists/radiusext/>