Title: liaison statement from IETF INT AD to DSL Forum From: INT AD (jari.arkko@piuha.net) To: DSL Forum (gyoung@dslforum.org and dallan@nortel.com) Dear DSL Forum, This is a liaison message related to DSL Forum's requirements for subscriber authentication and the extension of DHCP to support it. The discussion in the IETF is ongoing, and this message conveys only the current status. As the DSL Forum is meeting right after the IETF, I felt that it would be useful to provide a preliminary report at this time. I would like to thank the DSL Forum for bringing these requirements to our attention. As described in RFC 4775, while the use and even extension of IETF protocols can in many cases be done without involving the IETF, for certain types of extensions IETF involvement is required. In this particular case it is necessary that these extensions be done under RFC 4775 in order to understand their implications for interoperability and the operation of existing protocol mechanisms. It is also necessary to ensure that the role of DHCP as a widely used protocol is not compromised by an extension. A number of significant technical issues in the DHCP-based approach were brought up during the meeting and on the list. These issues include avoiding weak CHAP authentication, potential need for fragmentation support in DHCP if it carries EAP, the definition of endpoints for the authentication process and matching this with the endpoints of the DHCP protocol, implications for future IPv6 support, and others. My personal read of the meeting was that the IETF currently seems to (weakly) oppose advancing this solution. This result is, however, preliminary and may change through list discussion and updated drafts that would address the issues. The IETF discussion has focused primarily on the properties of the DHCP-based solution. No recommendation about possible alternatives is given at this time. However, there is ongoing work in the PANA WG to analyze whether the PANA protocol satisfies the requirements from DSL Forum. PANA is an IETF Standards Track protocol for network access authentication. We also understand that the DSL Forum has been in contact with the IEEE about possible use of their technology for the subscriber authentication. Meeting materials and preliminary minutes for the INTAREA discussion can be found from https://datatracker.ietf.org/meeting/70/materials.html Jari Arkko Internet Area Director IETF