
RE: REMINDER: RADEXT WG Last Call on "Crypto-Agility Requirements for RADIUS"



 

> -----Original Message-----
> From: owner-radiusext@ops.ietf.org 
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of David B. Nelson
> Sent: Friday, August 15, 2008 10:17 AM
> To: radiusext@ops.ietf.org
> Subject: RE: REMINDER: RADEXT WG Last Call on "Crypto-Agility 
> Requirements for RADIUS"
> 
> Joseph Salowey writes...
> 
> > 1. Section 4.2:
> > 
> > In cases where the client needs to protect all or part of the RADIUS
> > request, in the "hint and select" negotiation the client would provide
> > more than a hint when it chooses the algorithms for protection.
> > Perhaps hint and select is not quite the right term, maybe specify
> > and select?
> 
> While adding a more robust form of capabilities negotiation
> to RADIUS might be a useful thing, it's not a chartered work
> item.  I think we are stuck with the current "hint and
> select" paradigm that is common usage in RADIUS today.
> 
> Perhaps I've misunderstood your comment.  Could you give an example?
> 
[Joe] There is some confusion.  I don't want to change the behavior, I
just think the term "hint and select" is a bit misleading since the
client will have to select some algorithm to protect its messages.  This
is a bit more than a "hint".  The client can "hint" to the server what it
supports.

> > 2. Section 4.6:
> > 
> > Section 4.6 makes reference to security considerations text about key
> > management.  Shouldn't this text be in this document?
> 
> Yes, I think so.  Would anyone like to propose some text and 
> a citation into RFC 4017?
> 
[Joe] I'll try to provide some text by the end of the week.  

> 
> 
> --
> to unsubscribe send a message to 
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in 
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 