Re: [Int-area] Combined draft on DHCP authentication

[Yoshihiro Ohba <yohba at tari.toshiba.com>]

In addition, I highly suggest that the next revision of
draft-pruss-dhcp-auth-dsl to contain an appendix to explain why the
proposal needs to be standardized while IETF has completed its basic
design of a protocol to carry EAP over IPv4 and IPv6 in order to fill
the gap where link-layer EAP transport is not applicable.  This would
require a thorough and fair analysis on PANA in which a lot of
considerations have been taken into account.

Yoshihiro Ohba


On Mon, Nov 19, 2007 at 02:41:40PM +0100, Mark Townsley wrote:
> 
> Ric, any final IETF work that involves IPv4 does has to at the very 
> least have detailed IPv6 considerations in order to be complete. I 
> understand that the DSLF IPv6 architecture for IP sessions is very 
> incomplete, and I am going to personally try and rectify that as much as 
> I can via my own participation in the Forum. This doesn't mean you are 
> off the hook for DHCP Auth, and I highly suggest the next version of 
> your document speak to this in as clear and frank a manner as possible.
> 
> Iljitsch, your comment wasn't exactly written with a constructive tone 
> either. Let's all please try not to push each others buttons and throw 
> flames here.
> 
> - Mark
> 
> Richard Pruss wrote:
> >Iljitsch van Beijnum wrote, around 19/11/07 7:10 PM:
> >>On 19 nov 2007, at 4:32, Richard Pruss wrote:
> >>
> >>>A combination the DHCP drafts from Cisco and Hauwei on DHCP 
> >>>Authentication has been submitted and is available at:
> >>>http://www.ietf.org/internet-drafts/draft-pruss-dhcp-auth-dsl-02.txt
> >>
> >>Doesn't seem to address IPv6. This makes it useless in my book.
> >>
> >Ahh, you have written a book on authentication in DSL architectures... 
> >;-)
> >
> >If you point me to the IPv6 deployment architecture from the DSLForum 
> >I can send you a draft on how to do the authentication in it.  Putting 
> >EAP into DHCP v6 is no big trick, the real trick is what does the rest 
> >of the IPv6 architecture look like.
> >
> >There are a ton of questions like:
> >
> >a) Do we have multiple services with separate addresses or are they on 
> >the same address as IPv4.  Both approaches have pro's and cons.
> >
> >b) How far into the L2 architecture are link local addresses allowed.
> >
> >c) SAVA
> >
> >and on and on.
> >
> >It is simply premature to guess at what authentication is appropriate 
> >and while PANA seems to think they have a hammer for everything.  I do 
> >not think DHCP Authentication may be the write answer to every question.
> >
> >So leave off the IPv6, we just cannot answer the question with the 
> >architectures under discussion at the DSLForum.
> >
> >- Ric
> >
> >
> >_______________________________________________
> >Int-area mailing list
> >Int-area at lists.ietf.org
> >https://www1.ietf.org/mailman/listinfo/int-area
> >
> 
> 
> _______________________________________________
> Int-area mailing list
> Int-area at lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/int-area
> 


_______________________________________________
Int-area mailing list
Int-area at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/int-area