eap Mailing List: Re: Questions for draft-barany-eap-gee-01

[Lakshminath Dondeti (ldondeti]

At 11:58 AM 6/20/2006, Nakhjiri Madjid-MNAKHJI1 wrote:
> I agree, it seems that AAA functions that are typically done after 
> authentication are introduced into EAP messaging, while EAP is just 
> a protocol to carry authentication exchanges. EAP is an 
> "authentication" protocol, not a AAA protocol.

I am confused here.  I see no reference to AAA, especially the AAA 
protocol, in the emails below.  What are you referring to?

Lakshminath

> Madjid
>
>
>
> ----------
> From: M. Vanderveen [mailto:mvandervn [at] yahoo.com]
> Sent: Tuesday, June 20, 2006 1:51 PM
> To: Nakhjiri Madjid-MNAKHJI1; Lakshminath Dondeti; Quinn Li; Cao Zhen
> Cc: eap [at] frascone.com
> Subject: Re: [eap] Questions for draft-barany-eap-gee-01
>
> While a solution for demultiplexing several EAP sessions might be 
> helpful, part of the resistance to the introduction of this sublayer 
> is probably due to the fact that there are ways around this issue.
>
> It's not clear to me why we are trying to inform the peer as whether 
> the current EAP session is for service vs. for access. Looking at 
> the newly emerged EAP-GPSK, all the peer needs to know is the ID it 
> gave the server and the server ID, in order to pull out the correct 
> security association to carry out EAP-GPSK. It can be informed 
> whether access or service was granted *after* this is all done, by 
> some other means that have nothing to do with EAP.
>
> In the network that we have deployed, and in others that we hope to 
> deploy some day, multiple EAP sessions do come into play but the 
> overall authentication mechanism can be made to work in a fairly 
> simple fashion without any additional EAP-related mechanisms/layers.
>
> Michaela
>
> Nakhjiri Madjid-MNAKHJI1 <Madjid.Nakhjiri [at] motorola.com> wrote:
>
>
> -----Original Message-----
> From: Lakshminath Dondeti [mailto:ldondeti [at] qualcomm.com]
> Sent: Monday, June 12, 2006 11:58 PM
> To: Quinn Li; Cao Zhen
> Cc: eap [at] frascone.com
> Subject: Re: [eap] Questions for draft-barany-eap-gee-01
>
> Hi,
>
> GEE is not a general purpose authentication protocol. It is a
> generic EAP encapsulation mechanism that allows demultiplexing of
> multiple simultaneous EAP conversations between a peer and an
> authenticator. You say that the draft does describe the MVNO
> scenarios well, so I guess we can safely conclude that it does its job
> then.
>
> EAP is not used for IMS or Mobile IPv6 authentication, is it? So, in
> simple terms, it's not the purpose of the GEE draft to specify
> support for those services.
>
> Madjid>>EAP is being used for non-cellular access into IMS.
> EAP is being considered for MIP6 bootstrapping.
> If the idea is to standardize the usage, then it should not be
> customized for a specific use case.
>
> _________________________________________________________________
> To unsubscribe or modify your subscription options, please visit:
> http://lists.frascone.com/mailman/listinfo/eap
>
> Arhives: http://lists.frascone.com/pipermail/eap
>
>
>
>  __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com