eap Mailing List: Re: Issue 286: Security

[Jari Arkko (jari.arkko]

Hi Glen,

> This would work for me: I would _really_ like to end all this rather
> coy dancing around the subject.  So, I would like the authors to
> explain clearly, concisely and precisely (_in the document_, not in
> the EAP list archives or some 3GPP document-in-progress, unless
> those are referenced _in the document_) what the purpose of this
> thing is, who is going to use it and why. 

Ok, great!

> Farooq has reminded us several times that this is 3GPP; OK, then put that in title:
> "Identity Selection in 3GPP Networks" or something.  As I mentioned
> in an earlier message, I don't think that any of the hints are
> actually necessary for roaming to function, especially those in
> secondary identity requests.  I suspect (but don't _know_, since the
> authors aren't telling) that this is actually to implement some kind
> of AAA source-routing, possibly to support some legacy model of
> circuit-switched accounting.  

I believe 3GPP intends to use some form of source routing,
even though that would not necessarily be the only way to
use this functionality. I personally hesitate a bit to make
the title 3GPP specific. (Maybe its just a preference of
writing "situation X" instead of "organization Y".) There
seems to be a very specific scenario where the hints are
useful; what comes afterwards is either a decision to go
somewhere else, use another identifer, or source routing.

> OK, fine.  Explain that, clearly mark
> it as a 3GPP thing, make it Informational and let's be done with it.

It is already Informational (and individual submission).

--Jari