On Thu, May 25, 2006 at 04:45:39PM -0700, Bernard Aboba wrote:
>
> I do understand the potential need for EAP to be encapsulated over IP. However, in practice PANA is more complex than EAP over UDP (see draft-thomson-nacp-02.txt), which looks like it is on the road to becoming the de facto standard for EAP encapsulation over IP.

I don't think draft-thomson-nacp-02.txt is something to become an IETF standard EAP over UDP protocol because of its lack of security. In fact the draft admits:

"
   If breach of confidentiality and deliberate attacks on the integrity
   of the NACP protocol itself are a significant risk in certain
   deployment environments, NACP should be protected by a protocol that
   offers confidentiality and/or packet authentication, integrity and
   protection against replay e.g. IPSEC [RFC2401].
"

Why is IPsec needed to carry EAP? What is the authentication protocol for bootstrapping IPsec to protect NACP, perhaps EAP over IKEv2??

I have other security-related issues on NACP. My view is that a secure enhancement of NACP will be equivalent to the EAP over UDP protocol the IETF is standardizing, PANA.

Yoshihiro Ohba

>
> So from what I can tell, in each potential usage scenario PANA is either not feasible, is more complex than an established alternative, or has been rejected by the SDOs that have examined it.
>
> -------------------------------------------------------------------
> Sam Hartman said:
>
> Hi. Speaking as an individual, I'd like to make an explicit call for members of the IETF community not involved in the PANA working group to review draft-ietf-pana-framework. Please speak up if you have done such a review or attempted such a review and been unsuccessful. Let us know what you think PANA is intended to be useful for and whether you think it is actually useful.
>
> My strong hunch is that we've chartered work for some reason, and now that the working group is nearing the end of its charter, we still don't understand why we want this thing we've built and whether it's a good idea. People aren't screaming not so much because they are happy with results but because no one actually understands PANA.
>
> I understand that there's a strong presumption that once chartered, work is useful. I'd like to challenge this presumption enough to get people to actually read the document. If people not involved in the effort sit down, read the document and understand what it's all about, my concern is satisfied. But if enough people try to read the document, try to understand and fail, we're not done yet. We certainly cannot have consensus to publish something we've tried and failed to understand.
>
> It's not just me. I've been trying to find people outside of PANA who claim to understand the effort and what it's good for and why link-layer solutions are not better. When the first discussion of PANA hit the IESG, I asked other IESG members why PANA was a good idea and what problem it solved. "Don't go there," was the advice I got from the responsible AD.
>
> At that time (a year and a half ago) there was no one on the IESG who claimed to understand PANA or to think it was a good idea.
>
> I'm fairly sure that with the possible exception of Jari (who is a technical advisor to PANA), that's still true.
>
> The security community has been trying to understand PANA. I've sent multiple security reviewers at the PANA documents. They always come back fundamentally confused about what PANA is trying to do or about whether it is a good idea. They end up focusing on some detail or another and asking for some minor part of the system to be fixed. But I don't get the impression from the reviews they understand the overall picture; explicit discussion of this also indicates that they are not confident in their understanding nor do they know whether it is a good idea.
>
> We keep running back over the same ground, still confused and still trying to muddle through to no real effect.
>
> I've tried to understand it myself. I tried to understand in the BOF. It was very clear to me leaving the original PANA BOF that something was very confused. Every year or so since I've tried to go back and figure out what I missed. Eventually though I've started wondering whether the problem wasn't me, but was an actual lack of clarity.
>
> So, folks can you please help us all out. Especially if the internet area is not your primary focus, especially if you've never heard of PANA before, take a look at the framework document and all their other documents. Do you get it? Is it a good idea?
>
> Thanks for your time.
>
> P.S. Again, this is me speaking as an individual. At this late stage, it would be entirely inappropriate for me to take actions as an AD claiming that we didn't understand a problem without a strong community consensus.
>
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www1.ietf.org/mailman/listinfo/ietf