Hi, Please consider some general comments on the scope of the proposed solution.
- Location of the DHCP client The section 5 seems to only consider DHCP clients residing in the HGW whereas it is indicated in section 3 "The DHCP Client resides either on a home network device or the HGW". If both implementations are supported by the solution, the draft should clearly documented the case of the authentication of devices behing the HGW. If not, such limitations/restrictions should be indicated. Such information will be important to appraise the applicability scope of the proposed solution. By the way, it is wothwhile to note the per-user authentication will be required also for user devices connected to the HGW. - Location of the DHCP server In the section 5, NAS and DHCP server are colocated whereas it is described that the NAS may also act as a DHCP relay agent between the DHCP client and the DHCP server. It could be useful to see a description of the latter implementation option, with any possible impacts (or required enhancements) on the proposed solution. - IPv6 Applicability As already mentioned, there is nothing about the applicability of the solution to an IPv6 environment. Even if not massively deployed for now, IPv6 support is nevertheless an architectural requirement in the DSL service model. This consequently applies also to the access authentication solution defined for DSL networks. - Network-initiated re-authentication I wonder if there are EAP methods that require EAP server-intiated re-authentication procedures. If it is the case, is it correct to say that the DHCP protocol would not be the best candidate for such a requirement? That wouldn't preclude the use of this solution when server-initiated procedures are not needed. Anyway an added text clarifying such a limitation could be useful (if needed at all). By the way, if server-initiated re-authentication is not supported, that could mean that there would be a need to bind the session authorization lifetime to the DHCP lease. But there is no indication of such possible binding in the document... Best Regards, Lionel _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
