In reading the PANA Framework document, what I read seemed to me to
be more of a "system" or "solution" document than a clean IETF
protocol framework.
I saw efforts to address three different problems:
1) Securing an otherwise unsecured link, when the access node is not
known to the client in advance.
2) Selecting an authorization (charging, possibly packet handling) service
3) Authenticating the user
EAP over IP (or UDP, or link) is about authenticating the user. If a
media independent technique better than just using a browser is
needed, then solve that problem. Personally, I would find the work
far more persuasive if it did not also try to solve the problem of
creating an IPSec association to the access device, nor of the
authorization selection problem.
And spell out in clear English what use case needs that problem
solved. I can read between the lines and start to guess. But the
document is quite unclear. The appendix about DSL is not helpful in
that regard.
Yours,
Joel M. Halpern
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf