Re: [Pana] status of wg documents

To: "'Jari Arkko'" <jari.arkko at piuha.net>
Subject: Re: [Pana] status of wg documents
From: "Glen Zorn" <gwz at net-zen.net>
Date: Wed, 10 Jun 2009 14:57:36 +0700
Cc: pana at ietf.org, Basavaraj.Patil at nokia.com
Delivered-to: pana at core3.amsl.com
In-reply-to: <4A2F625B.3040807 at piuha.net>
List-archive: <http://www.ietf.org/mail-archive/web/pana>
List-help: <mailto:pana-request@ietf.org?subject=help>
List-id: Protocol for carrying Authentication for Network Access <pana.ietf.org>
List-post: <mailto:pana@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=unsubscribe>
Organization: Network Zen
References: <000c01c9e8b6$af7349b0$0e59dd10$ at net> <C653E9CA.29DFA%basavaraj.patil at nokia.com> <00df01c9e990$43664cb0$ca32e610$ at net> <4A2F625B.3040807 at piuha.net>
Thread-index: Acnpnh0ntjHUGdibSfaHYhqIRW1MrgAAemJw

Jari Arkko [mailto:jari.arkko at piuha.net] writes:

> Glen,
> 
> >> The conclusion (in the WG) was that the security
> >> mechanism between the PAA and EP is a choice of the deployment and
> >> hence
> >> does not need to be specified.
> >>
> >
> > That's rather bizarre; the ADs are OK with this?
> >
> >
> 
> Frankly, I'm not thrilled about it. Generally speaking this sort of
> thing should be a part of our specifications. However, as I noted in
> the
> other e-mail, the overall level of effort and interest on the IPsec
> document is not very high. 

Well, the IPsec draft talks about securing the entire path from the PaC to
the EP.  I guess if the consensus is to use link-layer security (802.11?
How would this work id the PAA & EP aren't co-located?) or a VPN (From the
PaC to the EP?  How would this work at all?) that may be fine, but unless
I'm terribly mistaken (always a possibility!) the PAA-EP link is actually
part of the PANA infrastructure in the access network & it seems very odd
that we would leave it w/no specified method of protection...

> You could say that I'm equally unhappy with
> both of the possible outcomes...
> 
> Jari
>

Follow-Ups:
- Re: [Pana] status of wg documents
  - From: Basavaraj.Patil

References:
- Re: [Pana] status of wg documents
  - From: Glen Zorn
- Re: [Pana] status of wg documents
  - From: Basavaraj.Patil
- Re: [Pana] status of wg documents
  - From: Glen Zorn
- Re: [Pana] status of wg documents
  - From: Jari Arkko

Prev by Date: Re: [Pana] status of wg documents
Next by Date: Re: [Pana] status of wg documents
Previous by thread: Re: [Pana] status of wg documents
Next by thread: Re: [Pana] status of wg documents
Index(es):
- Date
- Thread

Re: [Pana] status of wg documents

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.