Comments on Section 1.2 of draft-ietf-eap-keying-18.txt


From: "Glen Zorn (gwz)" <gwz at cisco.com>
To: <ietf at ietf.org>
Cc: iesg at ietf.org, eap at frascone.com
Date: Sun, 4 Mar 2007 01:22:03 -0800

I apologize for the tardiness of these comments: I planned to send this email over a week ago but I experienced some computer issues ;-).

The definitions of both "authenticator" and "peer" refer to these as 'end of the link'; this seems just a bit too vague to me (after all, what's at the "end of a link" is usually a transceiver, right, which is generally neither an authenticator nor a peer ;-): I would prefer to see them referred to at least as entities. For example:

"authenticator
     The entity initiating EAP authentication…"
&
"peer
     The entity that responds to the authenticator."

Although this change clarifies slightly the nature of the EAP peer and authenticator, it may require the rethinking of some other definitions.  For example, see the definition of "Secure Association Protocol" later in this section: only if "peer" & "authenticator" are defined in the original (vague) manner can this definition be accurate, since the entities involved in the 802.11i 4-way handshake are, I think, quite different from the EAP entities.  In general, the consumers/users of the keys that may be generated as a side-effect of EAP authentication are not identical to the EAP entities, however, a fact that seems to be if not lost then at least glossed over in this document.  Further  examples can be found in the definitions of "Transient EAP Keys (TEKs)", where the EAP peers are presumed to continue sending & receiving encrypted data after authentication is complete(!) and "Transient Session Keys (TSKs)", where the EAP peers negotiate a ciphersuite for this purpose.  Although I don't think it's prohibited for EAP methods to negotiate ciphersuites for subsequent use _by other protocols_ (such as 802.11i, etc.), I don't know of any that do & I don't think that that is what is meant in this definition: it is only the rather IMHO sloppy use of the terms "authenticator" and "peer" to mean, basically, "whatever is hanging off the ends of the wire" that allows this usage.
