All,
A use case for parallel EAP transaction is: terminal auth
and user auth.
If you take this simple use case, it may be easier for you
to understand
why parallel EAP transactions may be useful.
Even if the authenticators are not the same, the
de-multiplexing layer
(GEE in this case) allows the MN to differentiate the EAP
packets.
-Kuntal
> -----Original Message-----
> From: Narayanan, Vidya [mailto:vidyan qualcomm.com]
> Sent: Tuesday, June 20, 2006 2:21 PM
> To: Nakhjiri Madjid-MNAKHJI1; Dondeti, Lakshminath;
Quinn Li; Cao Zhen
> Cc: eapfrascone.com
> Subject: Re: [eap] Questions for
draft-barany-eap-gee-01
>
>
> Madjid,
>
> >
> > First of all, multiple parallel EAPs between who
and whom. In
> > general case one end is the peer but the other end
is not
> > always the same.
> >
>
> This is clearly explained in the draft - do you find
that explantion
to
> not be adequate? If so, it would help if you point out
the issues with
> the details in the draft.
>
> > Second, I can see a case where you have to do both
IMS
> > authentication and MIP6 authentication, not sure
if
> > "parallelism" can be achieved but that
is just the nature of
> > the beast.
> >
>
> It is about running them in parallel on the same lower
layer. IMS and
> MIP6 are different services - I don't see any reason
why you can't
> authenticate for both in parallel with what is
available today.
>
> Vidya
>
> > Third, when I want to design a system, I usually
look for the
> > best solution for each system, not why a specific
solution
> > cannot be used. I just don't see anything
remarkable about
> > putting a new layer in EAP except the adding
complexity to
> > something that is already too complex. I
personally cannot
> > justify spending the time explaining all the EAP
keying
> > layering concepts to an implementer under deadline
pressure,
> > let alone adding yet another layer through an
addendum to EAP
> > keying. I have already seen that nobody but a
small group of
> > people understands the layering concepts anyway.
> >
> > Madjid
> >
> > -----Original Message-----
> > From: Narayanan, Vidya [mailto:vidyanqualcomm.com]
> > Sent: Tuesday, June 20, 2006 1:11 PM
> > To: Nakhjiri Madjid-MNAKHJI1; Dondeti,
Lakshminath; Quinn Li; Cao
Zhen
> > Cc: eapfrascone.com
> > Subject: Re: [eap] Questions for
draft-barany-eap-gee-01
> >
> >
> > Madjid,
> > There is no customization for any specific use
case. GEE can
> > be used any
> > time multiple parallel EAP runs are needed on a
given lower layer. I
> > don't, however, see a use case where multiple
parallel runs
> > of EAP will
> > be required for a service such as MIP6 or IMS. If
there is such a
use
> > case, there is no reason why GEE cannot be used.
> >
> > If you think of a case where GEE cannot be used to
> > demultiplex multiple
> > parallel EAP exchanges, please share your thoughts
on it.
> >
> > Thanks,
> > Vidya
> >
> > > -----Original Message-----
> > > From: Nakhjiri Madjid-MNAKHJI1
> > [mailto:Madjid.Nakhjirimotorola.com]
> > > Sent: Tuesday, June 20, 2006 8:02 AM
> > > To: Dondeti, Lakshminath; Quinn Li; Cao Zhen
> > > Cc: eapfrascone.com
> > > Subject: Re: [eap] Questions for
draft-barany-eap-gee-01
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Lakshminath Dondeti
[mailto:ldondetiqualcomm.com]
> > > Sent: Monday, June 12, 2006 11:58 PM
> > > To: Quinn Li; Cao Zhen
> > > Cc: eapfrascone.com
> > > Subject: Re: [eap] Questions for
draft-barany-eap-gee-01
> > >
> > > Hi,
> > >
> > > GEE is not a general purpose authentication
protocol. It is
> > > a generic EAP encapsulation mechanism that
allows
> > > demultiplexing of multiple simultaneous EAP
conversations
> > > between a peer and an authenticator. You say
that the draft
> > > does describe the MVNO scenarios well, so I
guess we can
> > > safely conclude that it does its job then.
> > >
> > > EAP is not used for IMS or Mobile IPv6
authentication, is it?
> > > So, in simple terms, it's not the purpose
of the GEE draft
> > > to specify support for those services.
> > >
> > > Madjid>>EAP is being used for
non-cellular access into IMS.
> > > EAP is being considered for MIP6
bootstrapping.
> > > If the idea is to standardize the usage, then
it should not
> > > be customized for a specific use case.
> > >
> > >
____________________________________________________________
_____
> > > To unsubscribe or modify your subscription
options, please visit:
> > > http:/
/lists.frascone.com/mailman/listinfo/eap
> > >
> > > Arhives: http://lists.
frascone.com/pipermail/eap
> > >
> >
____________________________________________________________
_____
> > To unsubscribe or modify your subscription
options, please visit:
> > http:/
/lists.frascone.com/mailman/listinfo/eap
> >
> > Arhives: http://lists.
frascone.com/pipermail/eap
> >
>
____________________________________________________________
_____
> To unsubscribe or modify your subscription options,
please visit:
> http:/
/lists.frascone.com/mailman/listinfo/eap
>
> Arhives: http://lists.
frascone.com/pipermail/eap
"This email message and any attachments are
confidential information of Starent Networks, Corp. The
information transmitted may not be used to create or change
any contractual obligations of Starent Networks, Corp. Any
review, retransmission, dissemination or other use of, or
taking of any action in reliance upon this e-mail and its
attachments by persons or entities other than the intended
recipient is prohibited. If you are not the intended
recipient, please notify the sender immediately -- by
replying to this message or by sending an email to
postmasterstarentnetworks.com -- and destroy all copies of this
message and any attachments without reading or disclosing
their contents. Thank you."
____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap
Arhives: http://lists.
frascone.com/pipermail/eap
|