
Re: [HOKEY] WGLC: draft-ietf-hokey-preauth-ps-02



Hi Yoshi:

Thanks for response. Inline pl 

Regds
Preeti
>> >AD. The draft does not make any assumption regarding pre-established
>> >SA between SA and CA, as SA (Serving Authenticator) acts like a proxy
>> >and forwards the packets to CA (Candidate Authenticator). MN does not
>> >directly communicate with CA, but SA does communicate with CA in case
>> >of indirect pre-authentication. So the role of CA and SA are little
>> >different than PAR and NAR that you have mentioned for FMIPv6.
>> >
>> >I do not understand quite well about the partial pre-authentication
>> >of MN. Could you please clarify it little more?
>> >
>> 
>> [Preeti] Partial authentication -> In above scenario, Preauthentication
>> involves direct IP level communication between SA and CA, Although
>> resulted pre-authentication is for MN, it does not include MN's layer
>> 2 authentication. Hence it is partial. If layer 2 authentication fails
>> then success of layer 3 may not bring any value or underutilization of
>> reserved resources.
>
>Direct pre-authentication and indirect pre-authentication are the same
>in that both happen before MN performs L2 secure association to CA.
>Context Binding, described in Section 5.2, will create binding between
>link-layer independent context and link-layer specific context, so that
>L2 secure association can succeed when L2 handover happens.

[Preeti] I.e. context binding is carrying link specific or independent
authentication parameters. However what I mean by partial authentication
is that with proper context binding perhaps L3 authentication can be
successful, but one can only be sure about such successful
authentication if L2 authentication is also successful. Do you agree?


>
>Yoshihiro Ohba
>
>
_______________________________________________
HOKEY mailing list
HOKEY at ietf.org
https://www.ietf.org/mailman/listinfo/hokey