
Re: [HOKEY] WGLC: draft-ietf-hokey-preauth-ps-02



Hi:

Please find the following in reference to the subject draft.

Draft:
Section 3: Problem Statement

=> Understanding that this is a problem statement draft, this section
requires to deliver the subjected goal. Although problem statement
discussion covers e.g. performance issues very specific to 802.11 only,
inter-access handover, inter-authenticator, intra-domain/subnet...etc.
1. A consistent usage of a single term like inter-domain or inter-subnet
may provide a clearer view of the problem statement.
2. Also text relevant to performance issues like handover latency can be
extended more in terms of subjected scope, as provided details are more
focused on intra-technology handover, i.e. how is handover latency in terms
of security context feasible in terms of inter-domain or inter-subnet?
3. Categorizing the problem statement with different scenarios can
provide direct mapping with usage scenarios - section 4.

Draft:
Section 4...4.1 ..4.2

=> 1. It seems the 4.1 scenario simply involves the normal
authentication procedure? In my view there is no pre-authentication
scenario here, isn't it? If there are some security context transferred
by MN prior to its association with CA then it is of no use, as CA may
not accept such security context without consulting Home AAA. Then in
such case simple authentication procedure will be followed. Or am I
missing something?

2. In indirect pre-authentication, it is assumed that there will be
pre-existing trust between SA and CA. To me this scenario is analogous to
fast handover in MIP, with proxy-solicitation msg. However keeping MIP
aside, even if MN receives IP level details of CA through SA, the
performed pre-authentication can be partial as MN still needs to
associate CA first before using IP level security. Any comments?   

Draft:
Section 5... 5.1.....5.2

=> Authenticator discovery protocols will be different from any secure DNA?
If MN is directly involved with pre-authentication then it may be, if
not then SA may act as proxy node for such discovery protocol? Any views?

In context binding, 2nd para - First approach (1st four lines) is
relevant to indirect binding, isn't it?

Thanks
Preeti

 
_______________________________________________
HOKEY mailing list
HOKEY at ietf.org
https://www.ietf.org/mailman/listinfo/hokey