eap Mailing List: Re: Questions for draft-barany-eap-gee-01

[Quinn Li (quinn.liqin]

Hi Lakshminath,

Thank you for your immediate response.
My comments are included inline.

On 6/13/06, Lakshminath Dondeti <ldondeti [at] qualcomm.com> wrote:
> Hi,
>
> GEE is not a general purpose authentication protocol.  It is a
> generic EAP encapsulation mechanism that allows demultiplexing of
> multiple simultaneous EAP conversations between a peer and an
> authenticator.  You say that the draft does describe the MVNO
> scenarios well, so I guess we can safely conclude that it does its job then.
Yes, I know GEE allows demulitplexing multiple EAP conversation.
AFAIK, MVNO is currently the only application for GEE. Do you have any
other application in your mind?

> EAP is not used for IMS or Mobile IPv6 authentication, is it?  So, in
> simple terms, it's not the purpose of the GEE draft to specify
> support for those services.
Not exactly, EAP is supported in Mobile IPv6 authentication. Please
refer to section 8 "The use of EAP authentication" in
draft-ietf-mip6-ikev2-ipsec. Does that mean GEE draft can support
services like Mobile IPv6 as long as it uses EAP authentication? But
How?

> With your last statement, are you saying that there is another way to
> demultiplex multiple parallel EAP exchanges?  If so, I would like to
> read about it.   Please share the reference.  Thanks.
By another way, I mean in most circumstances except MVNO, multiple
parallel EAP exchange can be demultiplexed by the underlying protocol
of EAP. For example, if you want to have two Mobile IPv6
authentication done simultaneously, you can initiate two IKE with two
different Home Agent.

> snip

Thanks
Qin