Hi Sam, I understand it is important to know, and agree it could have been made more clear.
But I expect as long as the end-points are consistent then from the security point of view it do not matter if it is: 1) HGW ------- NAS NAS is the DHCP server NAS is the authentication end-point 2) HGW ------- NAS (------ DHCP Server) NAS acting as DHCP Proxy, looks like server to the HGW NAS is the authentication end-point 2) HGW -------(NAS)----- DHCP Server NAS is acting as DHCP Relay DHCP Server is the authentication end-point cheers, Peter > -----Original Message----- > From: Sam Hartman [mailto:[EMAIL PROTECTED] > Sent: 5. december 2007 12:52 > To: [EMAIL PROTECTED] > Cc: 'Yoshihiro Ohba'; 'Richard Pruss'; [EMAIL PROTECTED] > Subject: Re: [Int-area] EAP and DHCP end-points > > >>>>> "Peter" == Peter Arberg <[EMAIL PROTECTED]> writes: > > Peter> We can start a long theoretical discussion on pros and cons > Peter> of relay versus dhcp proxy in the NAS, but that has nothing > Peter> to do with TR-101, and it has nothing to do with the draft, > Peter> no one said that if the NAS is working as a dhcp proxy it > Peter> is incapable of working as a dhcp relay if setup to do so. > > Peter, the problem I have is that when we are talking about security > protocols, understanding the endpoints and cryptographically verifying > the endpoints becomes critical. > > So, I suspect that we will have to do away with a certain sloppiness > that has been common here. > > _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
