
RE: I-D Action:draft-ietf-radext-dynamic-discovery-00.txt



Alan DeKok [mailto:aland@deployingradius.com] writes:

> Glen Zorn wrote:
> > Inside of a trusted network?  Isn't this, then, a configuration issue,
> > rather than a standards issue?
> 
>   If it's *only* inside of a trusted network, yes.  But there are
> interests outside of that usage.  e.g. Eduroam, and other roaming
> operators.
> 
> > Maybe you could explain those benefits (and why they were not exploited by
> > the folks deploying Diameter).
> 
>   Because the deployments of Diameter and RADIUS are largely orthogonal.
>  They have different use-cases, and therefore different needs.
> 
> >  The only real benefit I can see is in the
> > case where a new server is added to the network or the IP address of an old
> > one is changed (surely a rather rare occurrence).  Are there others?
> 
>   I'm spending a fair bit of time helping people migrate RADIUS servers
> from one IP (and version of software) to another.  So while it may seem
> fairly rare, many people see the benefit of an automatic discovery
> method.

Of course, what was I thinking?  Setting up a CA, issuing client and server
certs and configuring secure DNS is _so_ much simpler than laboriously
typing an IP address.  This simplicity must explain the amazing popularity
(indeed, true ubiquity) of the PKI today.  

> 
>   Alan DeKok.

