Pre-Authentication Support for the Protocol for Carrying Authentication for Network Access (PANA)
draft-ietf-pana-preauth-09
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2015-10-14
|
09 | (System) | Notify list changed from pana-chairs@ietf.org, draft-ietf-pana-preauth@ietf.org to pana-chairs@ietf.org |
|
2012-08-22
|
09 | (System) | post-migration administrative database adjustment to the No Objection position for Pasi Eronen |
|
2012-08-22
|
09 | (System) | post-migration administrative database adjustment to the No Objection position for Magnus Westerlund |
|
2010-05-17
|
09 | Amy Vezza | State Changes to RFC Published from RFC Ed Queue by Amy Vezza |
|
2010-05-17
|
09 | Amy Vezza | [Note]: 'RFC 5873' added by Amy Vezza |
|
2010-05-14
|
09 | (System) | RFC published |
|
2010-03-18
|
09 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
|
2010-03-18
|
09 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
|
2010-03-18
|
09 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
|
2010-03-18
|
09 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
|
2010-03-15
|
09 | Cindy Morgan | State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan |
|
2010-03-15
|
09 | (System) | IANA Action state changed to In Progress |
|
2010-03-15
|
09 | Amy Vezza | IESG state changed to Approved-announcement sent |
|
2010-03-15
|
09 | Amy Vezza | IESG has approved the document |
|
2010-03-15
|
09 | Amy Vezza | Closed "Approve" ballot |
|
2010-03-12
|
09 | (System) | Removed from agenda for telechat - 2010-03-11 |
|
2010-03-11
|
09 | Cindy Morgan | State Changes to Approved-announcement to be sent from IESG Evaluation::External Party by Cindy Morgan |
|
2010-03-11
|
09 | Magnus Westerlund | [Ballot Position Update] Position for Magnus Westerlund has been changed to No Objection from Discuss by Magnus Westerlund |
|
2010-03-11
|
09 | Tim Polk | [Ballot Position Update] New position, No Objection, has been recorded by Tim Polk |
|
2010-02-25
|
09 | Jari Arkko | Placed on agenda for telechat - 2010-03-11 by Jari Arkko |
|
2010-02-25
|
09 | Jari Arkko | State Changes to IESG Evaluation::External Party from IESG Evaluation::AD Followup by Jari Arkko |
|
2010-02-25
|
09 | Jari Arkko | waiting for draft-arkko-pana-iana to complete |
|
2010-02-10
|
09 | Pasi Eronen | [Ballot Position Update] Position for Pasi Eronen has been changed to No Objection from Discuss by Pasi Eronen |
|
2010-02-09
|
09 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2010-02-09
|
09 | (System) | New version available: draft-ietf-pana-preauth-09.txt |
|
2010-01-21
|
09 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Joseph Salowey. |
|
2010-01-21
|
09 | Cindy Morgan | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Cindy Morgan |
|
2010-01-21
|
09 | Magnus Westerlund | [Ballot discuss] RFC 5191 says the following: 10.2.2. Flags There are 16 bits in the Flags field of the PANA message header. This … [Ballot discuss] RFC 5191 says the following: 10.2.2. Flags There are 16 bits in the Flags field of the PANA message header. This document assigns bit 0 ('R'), 1 ('S'), 2 ('C'), 3 ('A'), 4 ('P'), and 5 ('I') in Section 6.2. The remaining bits MUST only be assigned via a Standards Action [IANA]. So to my understanding this document can not be published as an experimental and get the E bit assigned. |
|
2010-01-21
|
09 | Magnus Westerlund | [Ballot Position Update] New position, Discuss, has been recorded by Magnus Westerlund |
|
2010-01-21
|
09 | Pasi Eronen | [Ballot discuss] I have reviewed draft-ietf-pana-preauth-08, and have couple of questions that probably need some clarification in the document: - How does pre-authentication interact … [Ballot discuss] I have reviewed draft-ietf-pana-preauth-08, and have couple of questions that probably need some clarification in the document: - How does pre-authentication interact with the IP Reconfiguration and the 'I' bit? (E.g., when the CPAA becomes the SPAA, can it tell the PaC to do IP reconfiguration?) - PANA can be used with non-key-generating EAP methods; however, it seems pre-authentication requires a PANA SA? (since otherwise there would be nothing to securely link the PNR/PNA exchange to the earlier authentication) |
|
2010-01-21
|
09 | Pasi Eronen | [Ballot discuss] I have reviewed draft-ietf-pana-preauth-08, and have couple of questions that probably need some clarification in the document: - How does pre-authentication interact … [Ballot discuss] I have reviewed draft-ietf-pana-preauth-08, and have couple of questions that probably need some clarification in the document: - How does pre-authentication interact with the IP Reconfiguration and the 'I' bit? (E.g., when the CPAA becomes the SPAA, can it tell the PaC to do IP reconfiguration?) - PANA can be used with non-key-generating EAP methods; however, it seems pre-authentication really cannot? (since there would be nothing to securely link the PNR/PNA exchange to the earlier authentication) |
|
2010-01-21
|
09 | Pasi Eronen | [Ballot Position Update] New position, Discuss, has been recorded by Pasi Eronen |
|
2010-01-20
|
09 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
|
2010-01-20
|
09 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel |
|
2010-01-20
|
09 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks |
|
2010-01-19
|
09 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded by Ralph Droms |
|
2010-01-19
|
09 | Ralph Droms | [Ballot comment] In section 6, I'm not clear what "authorized PaCs" are in this sentence: It is recommended that the authorized PaCs are limited … [Ballot comment] In section 6, I'm not clear what "authorized PaCs" are in this sentence: It is recommended that the authorized PaCs are limited to well-known IP networks for a given PAA. |
|
2010-01-19
|
09 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
|
2010-01-18
|
09 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
|
2010-01-18
|
09 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
|
2010-01-16
|
09 | Alexey Melnikov | [Ballot Position Update] New position, No Objection, has been recorded by Alexey Melnikov |
|
2010-01-15
|
09 | Jari Arkko | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Jari Arkko |
|
2010-01-15
|
09 | Jari Arkko | Note field has been cleared by Jari Arkko |
|
2010-01-12
|
09 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
|
2010-01-07
|
09 | Amanda Baber | IANA comments: Upon approval of this document, IANA will make the following assignment in the "Message Flags" registry at http://www.iana.org/assignments/pana-parameters/pana-parameters.xhtml Bit Code Description Reference --- … IANA comments: Upon approval of this document, IANA will make the following assignment in the "Message Flags" registry at http://www.iana.org/assignments/pana-parameters/pana-parameters.xhtml Bit Code Description Reference --- ---- ------------------ -------------------- 6 E prE-authentication [RFC-pana-preauth-08] |
|
2009-12-18
|
09 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Joseph Salowey |
|
2009-12-18
|
09 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Joseph Salowey |
|
2009-12-15
|
09 | Amy Vezza | Last call sent |
|
2009-12-15
|
09 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
|
2009-12-15
|
09 | Jari Arkko | Placed on agenda for telechat - 2010-01-21 by Jari Arkko |
|
2009-12-15
|
09 | Jari Arkko | State Changes to Last Call Requested from AD Evaluation::AD Followup by Jari Arkko |
|
2009-12-15
|
09 | Jari Arkko | Last Call was requested by Jari Arkko |
|
2009-12-15
|
09 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded for Jari Arkko |
|
2009-12-15
|
09 | Jari Arkko | Ballot has been issued by Jari Arkko |
|
2009-12-15
|
09 | Jari Arkko | Created "Approve" ballot |
|
2009-12-15
|
09 | (System) | Ballot writeup text was added |
|
2009-12-15
|
09 | (System) | Last call text was added |
|
2009-12-15
|
09 | (System) | Ballot approval text was added |
|
2009-12-15
|
09 | Jari Arkko | new version looks OK |
|
2009-12-14
|
09 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2009-12-14
|
08 | (System) | New version available: draft-ietf-pana-preauth-08.txt |
|
2009-10-27
|
09 | Jari Arkko | State Changes to AD Evaluation::Revised ID Needed from AD Evaluation by Jari Arkko |
|
2009-10-27
|
09 | Jari Arkko | I have reviewed this document. The chairs believed that this draft could progress to the IESG, if certain scope reductions would be done and those … I have reviewed this document. The chairs believed that this draft could progress to the IESG, if certain scope reductions would be done and those are now in effect in -07. Section 3: you should make it clear at the beginning what you expect as the output of the discovery process. I believe you are expecting an IP address of the PAA. Similarly, you should state that the PANA exchange happens between the client and the CPAA (and not, for instance, somehow proxied via SPAA). The security considerations section seems thin. I'm sure there are more aspects to consider. For instance, what about DoS attacks where an evil client creates unnecessary state in a large number of networks? What about opening firewalls up for PANA traffic from the Internet -- it would seem that at the very least, there's an issue of fraudulent clients attempting to start EAP negotiations, creating partial session entries in PANA, AAA, and EAP state machines. 802.21 is mentioned to be the default discovery mechanism. But the text that says this is very thin on how 802.21 should be used. And the reference is informative. Maybe there's a part of 802.21 that explains exactly how to do it and what attributes are used. But I doubt it. Perhaps it would be better to not claim that 802.21 is the default mechanism. Overall, I think this draft is reasonably simple and can move forward. However, given that we have no real specification of the discovery phase, and given the general lack of wide-spread working group interest, I'd say Experimental extension is the right classification. |
|
2009-10-27
|
09 | Jari Arkko | State Changes to AD Evaluation from Publication Requested by Jari Arkko |
|
2009-10-27
|
09 | Jari Arkko | Draft Added by Jari Arkko in state Publication Requested |
|
2009-10-11
|
07 | (System) | New version available: draft-ietf-pana-preauth-07.txt |
|
2009-06-27
|
06 | (System) | New version available: draft-ietf-pana-preauth-06.txt |
|
2009-04-13
|
05 | (System) | New version available: draft-ietf-pana-preauth-05.txt |
|
2008-12-03
|
04 | (System) | New version available: draft-ietf-pana-preauth-04.txt |
|
2008-10-24
|
03 | (System) | New version available: draft-ietf-pana-preauth-03.txt |
|
2007-11-18
|
02 | (System) | New version available: draft-ietf-pana-preauth-02.txt |
|
2006-03-16
|
(System) | Posted related IPR disclosure: Toshiba America Research, Inc.'s Statement regardfing IPR claimed in draft-ietf-pana-preauth-01 | |
|
2006-03-07
|
01 | (System) | New version available: draft-ietf-pana-preauth-01.txt |
|
2005-10-14
|
00 | (System) | New version available: draft-ietf-pana-preauth-00.txt |