RE: [dhcwg] [New I-D] DHCP User-based Authentication

[Amy Zhao <zhaoyuping at huawei.com>]

Hello,Eliot!
     Thank for your comments. 
     Please see in line.

Thanks!


B.R.
Amy 

> -----Original Message-----
> From: Eliot Lear [mailto:lear at cisco.com] 
> Sent: Wednesday, October 11, 2006 2:27 PM
> To: Amy Zhao
> Cc: dhcwg at ietf.org
> Subject: Re: [dhcwg] [New I-D] DHCP User-based Authentication
> 
> I have the following three questions:
> 
>    1. Why is DHCP the correct protocol to do user-based 
> authentication?

If we want to use DHCP for configuring clients accessing the Internet
through some form of high-speed access technology such as cable or ADSL, we
need a coupling between AAA and DHCP.

>    2. How would this work interact with RFC 3118 (as 
> mentioned by Andre
>       Kostur)?

You and Andre both mention this issue. To tell the truth, I really missed
it. but until now, I think the two options are seperate. Maybe I miss some
issues. 

>    3. At this late date it seems wise to at least address the issue of
>       the authentication server proving itself to the connecting
>       device.  This seems to me to change the nature of risk 
> with regard
>       to who is giving up information.  What in your proposal is to
>       prevent a rogue DHCP server from snarfing passwords?
> 
Sorry, I could not catch your mean.Do you mean to add some context in the
draft? 

> Thanks,
> 
> Eliot
> 



_______________________________________________
dhcwg mailing list
dhcwg at ietf.org
https://www1.ietf.org/mailman/listinfo/dhcwg