RE: [Pana] Re: Reliable delivery (AD comment)

To: "Bernard Aboba" <aboba at internaut.com>
Subject: RE: [Pana] Re: Reliable delivery (AD comment)
From: "Glen Zorn \(gwz\)" <gwz at cisco.com>
Date: Fri, 9 Mar 2007 19:37:15 -0800
Authentication-results: sj-dkim-4; header.From=gwz@cisco.com; dkim=pass (sig from cisco.com/sjdkim4002 verified; );
Cc: Magnus Westerlund <magnus.westerlund at ericsson.com>, Yoshihiro Ohba <yohba at tari.toshiba.com>, gwz at cisco.com, pana at ietf.org, eap at frascone.com, Lars Eggert <lars.eggert at netlab.nec.de>, "Mark Townsley \(townsley\)" <townsley at cisco.com>
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1548; t=1173497848; x=1174361848; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=gwz@cisco.com; z=From:=20=22Glen=20Zorn=20\(gwz\)=22=20<gwz@cisco.com> |Subject:=20RE=3A=20[Pana]=20Re=3A=20Reliable=20delivery=20(AD=20comment) |Sender:=20; bh=WuYhWipJFFbkKMYeGn+GwCOPfy/hSSNUQjsP2XEaGFc=; b=cvIIl6ftMeCtFeS6dKqsx3jB5CA6fT0xPIycZmjix9OfXqkwU4ONhDnuiCznXbDUS0t0EZw4 1/EhM3aKvCh7QnEWPt6FNVvvz2JKVvLySVZwGTR8cgVkuOF9ojOqlq5h;
In-reply-to: <Pine.LNX.4.64.0703082212500.317@internaut.com>
List-help: <mailto:pana-request@ietf.org?subject=help>
List-id: Protocol for carrying Authentication for Network Access <pana.ietf.org>
List-post: <mailto:pana@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=unsubscribe>
References: <0MKp2t-1HFfbr0Jew-0007Cg@mrelay.perfora.net><45D30F51.60408@cisco.com> <20070220155447.GB20868@steelhead><45EBF9C0.10608@cisco.com><Pine.LNX.4.64.0703050830430.10123@internaut.com><45EC4899.7040906@cisco.com><Pine.LNX.4.64.0703080824200.29038@internaut.com> <45F03A70.2050800@cisco.com> <4C0FAAC489C8B74F96BEAD85EAEB26250391A8E4@xmb-sjc-215.amer.cisco.com> <Pine.LNX.4.64.0703082212500.317@internaut.com>
Thread-index: AcdiE8dnW9leY03dTW6fGKUX1q6WbAAryHSw
Thread-topic: [Pana] Re: Reliable delivery (AD comment)

Bernard Aboba <mailto:aboba at internaut.com> allegedly scribbled on
Thursday, March 08, 2007 10:26 PM:

>> My conclusion (based upon the actual text of the relevant RFCs rather
>> than anecdotal evidence regarding "well-behaved" RADIUS
>> implementations)
> 
> RFC 2865 already recommends behavior that prevents out-of-order
> delivery. 

Actually, it doesn't.  As I have pointed out repeatedly , the semantics
of the Identifier in RADIUS & EAP are identical.  

> A proposal to strengthen that to a MUST is on the table.  From what I
> can tell, this resolves the issue for RADIUS. 
> 
>> that "well-behaved" EAP implementations do NOT require duplicate
>> detection in the transport any more than do "well-behaved" RADIUS
>> implementations.
> 
> The difference between RFC 3748 and 2865 is that 3748 does not
> recommend a duplicate cache of substantial duration.  

Hmm.  I don't really consider "a short period of time" to convey any
meaningful sense of duration; in any case, see below.

> That makes a
> difference if a duplicate is intermingled with a new packet.  

I believe that the packet flow which I gave in an earlier message
illustrated that a timer-based algorithm is insufficient for duplicate
detection in both RADIUS and EAP if the identifier is allowed to simply
"change" between exchanges.  In fact, I think that timers are
unnecessary: all that is needed to solve the problem is to specify the
semantics of the Identifier to be those of a sequence number with
roll-over.  

_______________________________________________
Pana mailing list
Pana at ietf.org
https://www1.ietf.org/mailman/listinfo/pana

Follow-Ups:
- Re: [Pana] Re: Reliable delivery (AD comment)
  - From: Yoshihiro Ohba

References:
- [Pana] Reliable delivery (AD comment)
  - From: Alper Yegin
- [Pana] Re: Reliable delivery (AD comment)
  - From: Mark Townsley
- Re: [Pana] Re: Reliable delivery (AD comment)
  - From: Yoshihiro Ohba
- Re: [Pana] Re: Reliable delivery (AD comment)
  - From: Mark Townsley
- Re: [Pana] Re: Reliable delivery (AD comment)
  - From: Mark Townsley
- Re: [Pana] Re: Reliable delivery (AD comment)
  - From: Mark Townsley
- RE: [Pana] Re: Reliable delivery (AD comment)
  - From: Glen Zorn \(gwz\)

Prev by Date: Re: [Pana] Re: Reliable delivery (AD comment)
Next by Date: Re: [Pana] Re: Reliable delivery (AD comment)
Previous by thread: RE: [Pana] Re: Reliable delivery (AD comment)
Next by thread: Re: [Pana] Re: Reliable delivery (AD comment)
Index(es):
- Date
- Thread

RE: [Pana] Re: Reliable delivery (AD comment)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.