RE: [HOKEY] consensus call: ERX transport

"Narayanan, Vidya" <vidyan@qualcomm.com> Wed, 25 July 2007 19:09 UTC

Subject: RE: [HOKEY] consensus call: ERX transport
Date: Wed, 25 Jul 2007 12:09:54 -0700
From: "Narayanan, Vidya" <vidyan@qualcomm.com>
To: Dan Harkins <dharkins@lounge.org>
Cc: Tim Polk <tim.polk@nist.gov>, hokey@ietf.org

Hi Dan, 

> -----Original Message-----
> From: Dan Harkins [mailto:dharkins@lounge.org] 
> Sent: Wednesday, July 25, 2007 9:05 AM
> To: Narayanan, Vidya
> Cc: Yoshihiro Ohba; Tim Polk; hokey@ietf.org
> Subject: RE: [HOKEY] consensus call: ERX transport
> 
> 
>   Hi Vidya,
> 
> On Wed, July 25, 2007 8:20 am, Narayanan, Vidya wrote:
> > All,
> > A couple of clarifications:
> >
> > - The current notes on the authenticator state machine 
> describe how to 
> > transition from the EAP to ERX state machine.
> 
> A transition between state machines? It's an EAP packet. It's 
> being received by the EAP layer. It's being processed by a 
> chunk of EAP code.
> The state machine to handle requires a change.
> 

I guess it depends on how it is implemented.  In any case, it is a new
chunk of state machine which is hooked onto the existing state machine.
It is that "hook" that is described in the current text.

> >                                                If there is no 
> > transition, the EAP state machine can time out, but, I believe that 
> > would not be ideal.
> 
> No, that would not be ideal. Which brings up a question that 
> has been nagging me for a while. How is a peer to know 
> whether the server is HOKEY-enabled or not? It could respond 
> to the ID request with this new ERX packet which the 
> authenticator will...well, I guess drop on the floor. Then is 
> the peer just supposed to wait some period of time before 
> assuming that a fast handover is just not gonna happen and 
> had he just responded with his identity he'd be authenticated by now.
> 

Did you mean server isn't HOKEY-enabled or authenticator isn't
HOKEY-enabled or both?  In some lower layers, the ERX support will be
indicated by the lower layer and hence the peer will know about that.
In case the peer has no idea of whether the server supports ERX, it can
do an ERP bootstrapping exchange without waiting for a handoff (i.e.,
after finishing regular EAP through an authenticator) - it will not get
a response and can conclude that ERP isn't feasible. 

With the proposed change of having an ERP-specific initiation message
from authenticator, it will be clearer, since the authenticator will
only send the EAP Initiate/Re-auth-Start message if it supported ERP.
If it only sent EAP Request/ID, it doesn't indicate support for ERP. 

Vidya

> Doesn't this require a giant flag day for deployment?
> 
>   Dan.
> 
> 
> 
> 
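The peer-side discovery logic Vidya describes (lower-layer indication, a post-EAP bootstrap probe that learns from the absence of a reply, and the proposed EAP Initiate/Re-auth-Start as an explicit signal) modelled as a small decision routine. This is an added, constructed example, not code from the thread or any HOKEY implementation; the message names come from the discussion, and treating a successful earlier bootstrap as a reason to attempt ERP even after a plain EAP-Request/Identity is an assumption that generalizes the reply.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Optional


class Msg(Enum):
    """First message a peer sees from the authenticator after attaching."""
    REQUEST_IDENTITY = "EAP-Request/Identity"          # no ERP support implied
    INITIATE_REAUTH_START = "EAP-Initiate/Re-auth-Start"  # proposed explicit ERP signal


class Decision(Enum):
    TRY_ERP = "send EAP-Initiate/Re-auth"
    FULL_EAP = "answer Identity and run full EAP"


@dataclass
class PeerErpState:
    # Some lower layers advertise ERP support themselves (thread: "indicated by the lower layer").
    lower_layer_advertises_erp: bool = False
    # None = unknown; set by bootstrap_probe() or by seeing Re-auth-Start.
    erp_known_feasible: Optional[bool] = None

    def bootstrap_probe(self, send_and_wait: Callable[[], Optional[bytes]]) -> bool:
        """Run an ERP bootstrap exchange right after full EAP, outside any handoff.

        send_and_wait models the exchange: it returns the server reply, or None
        if the request timed out. No reply => ERP is not feasible on this path.
        """
        self.erp_known_feasible = send_and_wait() is not None
        return self.erp_known_feasible

    def on_first_message(self, msg: Msg) -> Decision:
        """Decide whether to attempt ERP or fall back to full EAP immediately,
        so the EAP state machine never idles waiting for a re-auth that cannot happen."""
        if msg is Msg.INITIATE_REAUTH_START:
            self.erp_known_feasible = True  # authenticator only sends this if it supports ERP
            return Decision.TRY_ERP
        # Plain EAP-Request/Identity says nothing about ERP; rely on prior knowledge only.
        if self.erp_known_feasible is False:
            return Decision.FULL_EAP
        if self.lower_layer_advertises_erp or self.erp_known_feasible:
            return Decision.TRY_ERP
        return Decision.FULL_EAP


# Constructed stand-ins for the bootstrap exchange: a reply, and a timeout.
def server_replies() -> Optional[bytes]:
    return b"EAP-Finish/Re-auth"


def server_silent() -> Optional[bytes]:
    return None
```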
