Re: [Dime] Comments on section 2 of new version draft-ietf-dime-erp-01

[Sebastien Decugis <sdecugis at nict.go.jp>]

Hi again, comments inline...


> We note in this document ERP/DER a Diameter-EAP-Request command with
> the Application Id set to Diameter ERP application. On the same
> model, we use ERP/DEA, EAP/DER and EAP/DEA.
>
> [Qin]: what does the same model mean? how about saying:
> "
> We note in this document ERP/DER *refer to* a Diameter-EAP-Request
> Command with the
> Application Id set to Diameter ERP application. *Similarly*, we use
> ERP/DEA, EAP/DER
> and EAP/DEA
> "
Agreed, my phrasing was quite bad :D I will change it to something
better, such as what you are suggesting. Thank you for catching this.

> [Qin] I am wondering how EAP/DER and ERP/DER can be used in the same
> one roundtrip exhange
> between the authenticator, ER server and home EAP server. In my
> understanding, when to use ERP/DER
> and when to use EAP/DER depends on the deployment scenario and
> bootstrapping mode. e.g., in implicit
> bootstrapping mode, we use EAP/DER, in explicit bootstraping mode, we
> use ERP/DER?
This is explained in the explicit mechanism description later in the
document... Basically the local ER server proxies the request and
changes its application Id, so ERP/DER becomes EAP/DER.

> another example when home EAP server does not support ERP
In that case, the ER server cannot obtain the root key required for ERP
function...
> and ER server support EAP, in this case,
> EAP/DER and EAP/DEA can be used between ER server with EAP proxy
> function support and home EAP server.
> Am I right?
I don't really understand what you are implying here, sorry. Can you
clarify?

Sebastien.

-- 
Sebastien Decugis
Research fellow
Network Architecture Group
NICT (nict.go.jp)