Re: Back to authentication on the IETF network (was: Re: IETF 78: getting to/from/around Maastricht)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Jul 12, 2010, at 3:54 PM, Ted Hardie <ted.ietf@xxxxxxxxx> wrote:

On Mon, Jul 12, 2010 at 12:41 PM, Chris Elliott <chelliot@xxxxxxxxx> wrote:

I will suggest that in Beijing we may need to physically authenticate people
coming into the terminal room, but I will leave the decision on whether and
how to do that up to the host in Beijing.

Chris.

What does "physically authenticate people" mean here?  Show that they
have a badge (common and meets the stated requirement of "keep the
IETF network for IETF attendees")?  Or write down the name?   Or write
down the name and the network port for the cable they pick up?

The differences here are not subtle, and I don't think this question really
does belong with the hosts in Beijing.  They can present requirements
to the IETF, but it is up to us to decide how to meet them.  If their choice
in meeting the requirement "keep the IETF network for IETF attendees"
turns into "Track the network usage on a per attendee basis", the attendees
really need to know whether that is because that was the real requirement
all along or because the IETF management failed to provide a realistic
alternative that met the stated goal.

Our requirement in Beijing is to meet the government restriction that only attendees of the meeting can access the Internet through our external link.

There are no requirements for, and we will certainly not be doing, any monitoring of users. Period.

I do not know the layout of the Beijing IETF meeting space. Therefore, I do not know the best approach to securing wired connections in the terminal room and elsewhere. I am suggesting, to be more explicit, that a guard at the door of the terminal room checking that everyone simply has an IETF badge, as we have done in many previous meetings, may be sufficient for Beijing as well, and the easiest solution for all.

And we are working hand-in-hand with the Beijing folks first in Maastricht and then Beijing to refine the requirements and the implementation. Four or five of the folks that will be the core of the NOC team in Beijing are members of the NOC team in Maastricht and will be working with us throughout the meeting. Some of them will be staffing the help desk alongside the RIPE folks, so come by and introduce yourselves.

Our roles will reverse in Beijing as they will be responsible for the network and we will be there to help.

We are well aware of the concerns of IETF attendees around privacy. We share these concerns.

Chris.

best regards,

Ted Hardie
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]