Hi Hannes, I'm sorry the draft does not meet your expectations with respect to usage as compared to other EAP methods. I actually didn't think such verbage was actually needed. A brief scan of a recent EAP method that was advanced as RFC5106 shows that it too lacks a description of its use with respect to other (pre-existing) EAP methods so I'm not sure such a thing is strictly necessary but if you can provide suggested text I'm willing to consider including them in the draft.
I do not want to channel Bernard but if text requested in (a) is either not needed or provided by you it then your comment in (c) is not valid, correct? regards, Dan. On Tue, March 11, 2008 9:36 am, Hannes Tschofenig wrote: > To continue on the previous discussions about this subject (with a > different subject): > > a) I believe the document does not do a good job in describing where you > plan to use this method in comparison to the already ongoing work on > tunneled mechanisms. > > To quote Bernard on a previous mailing list thread (see mail thread > about "Thoughts on Password-based EAP Methods" from March 2007, at > http://www.ietf.org/mail-archive/web/emu/current/msg00476.html) > " > > I am concerned that by defining yet another password-based > > authentication mechanism, > > " > > I understood that Bernard has a different opinion now and maybe his > comment was influenced in other ways back then in the style of > "... there we discussed tunneled methods and not password based methods in > general ..." > > > b) Assuming that bullet (a) provides a reasonable argument I believe > that the suggested approach is wrong. > > Ciao > Hannes > > Dan Harkins wrote: >> Hello, >> >> There's a new I-D in the Internet-Drafts database called >> draft-harkins-emu-eap-pwd-00.txt. It describes a new method >> for authentication using only a password. It provides resistance >> to active attack, passive attack, and dictionary attack. It >> also provides forward secrecy and an authenticated key (not just >> a shared key between authenticated entities). >> >> Please take a look and send comments to the authors. >> >> regards, >> >> Dan. >> >> >> >> _______________________________________________ >> Emu mailing list >> [email protected] >> http://www.ietf.org/mailman/listinfo/emu >> > > _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
