Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
Good evening, I`d like to ask about the current state of this suggestion. As I see the original proposal was submitted in the end of 2010 but still no activity regarding this task. Could this patch (the latest version can be found here: http://www.nikhef.nl/~janjust/ppp/download.html) be finally integrated into the ppp package at least in 'unstable' release? This functionality is very useful for corporate users who have to use smart-cards to access the corporate VPN. This patch is already included in Ubuntu, Gentoo and many other Linux distributions, but this functionality is still missing in debian. The most funny thing that package l2tp-ipsec-vpn already supports smartcards but this functionality does not work because pppd does not support EAP-TLS. I`m happy to test this feature, anyway I`m using the patched pppd to get an access to my working network. With best regards, Sergey Gridnev mailto:enri...@gmail.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
On Nov 02, Sergey Gridnev enri...@gmail.com wrote: I`d like to ask about the current state of this suggestion. As I see the original proposal was submitted in the end of 2010 but still no activity regarding this task. There is no ongoing activity at all on the ppp package, it needs co-maintainers. -- ciao, Marco signature.asc Description: Digital signature
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
On Nov 05, Werner Jaeger werner.jae...@t-systems.com wrote: This package contains an extended Point-to-Point Protocol (PPP) daemon with support for EAP-TLS authentication. I expect that the ftpmasters will not accept a seconda copy of the whole ppp package without a good reason. Why the EAPTLS patch cannot be merged both upstream and in the standard Debian package? I do not remember any recent activity on either front. -- ciao, Marco signature.asc Description: Digital signature
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
reassign 602503 ppp retitle 602503 integrate the EAP-TLS patch severity wishlist thanks On Nov 11, werner.jae...@t-systems.com wrote: I contacted him and asked him about that. Here is his answer: yes, that's correct: it has been on my TODO list for quite some time now to work through the review comments that I got when I presented my patch for integration into the main ppp source tree. As this is not part of my normal work but purely a hobby project it has taken me longer than I expected to get around to do this. I hope to finish this before the end of this year. You're not the first person to ask if/when the eap-tls patch will be integrated into the upstream ppp code. This is not really a great start, but then please work out how to integrate the patch in the current ppp package. -- ciao, Marco -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
Package: wnpp Severity: wishlist Owner: Werner Jaeger werner.jae...@t-systems.com Package name: ppp-2.4.5-eaptls-mppe Version : 0.98 Upstream Author : Paul Mackerras pau...@samba.org, Jan Just Keijser janj...@nikhef.nl URL : http://samba.org/ppp/ License : BSD Programming Lang: C Description : PPP daemon with EAP-TLS authentication support This package contains an extended Point-to-Point Protocol (PPP) daemon with support for EAP-TLS authentication. The Extensible Authentication Protocol (EAP; RFC 3748) is a security protocol that can be used with PPP. It provides a means to plug in multiple optional authentication methods. Transport Level Security (TLS; RFC 2246) provides for mutual authentication, integrity-protected ciphersuite negotiation and key exchange between two endpoints. It also provides for optional MPPE encryption. EAP-TLS (RFC 2716) incapsulates the TLS messages in EAP packets, allowing TLS mutual authentication to be used as a generic EAP mechanism. It also provides optional encryption using the MPPE protocol. This authentication method can be used in both client or server mode. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
On Fri, Nov 05, 2010 at 12:48:32PM +0100, Werner Jaeger wrote: Package: wnpp Severity: wishlist Owner: Werner Jaeger werner.jae...@t-systems.com Package name: ppp-2.4.5-eaptls-mppe Version : 0.98 Upstream Author : Paul Mackerras pau...@samba.org, Jan Just Keijser janj...@nikhef.nl URL : http://samba.org/ppp/ License : BSD Programming Lang: C Description : PPP daemon with EAP-TLS authentication support This package contains an extended Point-to-Point Protocol (PPP) daemon with support for EAP-TLS authentication. The Extensible Authentication Protocol (EAP; RFC 3748) is a security protocol that can be used with PPP. It provides a means to plug in multiple optional authentication methods. Transport Level Security (TLS; RFC 2246) provides for mutual authentication, integrity-protected ciphersuite negotiation and key exchange between two endpoints. It also provides for optional MPPE encryption. EAP-TLS (RFC 2716) incapsulates the TLS messages in EAP packets, allowing TLS mutual authentication to be used as a generic EAP mechanism. It also provides optional encryption using the MPPE protocol. This authentication method can be used in both client or server mode. Hello, as far as I know Jan Just Keijser is already talking with upstream ppp to integrate his patch into mainline, have you talked with him prior to filing this ITP? Kind regards Harald Jenny -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101105114832.7272.37688.report...@localhost6.localdomain6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
Hello, no, I've not talked to him so far, but it's really good to hear that. I'm going to contact him right now. The primary reason why I created this package is because my main package ’l2tp-ipsec-vpn-0.9.2’ depends on a PPPD that is capable of handling EAP_TLS authentication. Kind Regards Werner Jaeger From: Harald Jenny [har...@a-little-linux-box.at] Sent: Friday, November 05, 2010 1:20 PM To: Jaeger, Werner; 602...@bugs.debian.org Subject: Re: Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support On Fri, Nov 05, 2010 at 12:48:32PM +0100, Werner Jaeger wrote: Package: wnpp Severity: wishlist Owner: Werner Jaeger werner.jae...@t-systems.com Package name: ppp-2.4.5-eaptls-mppe Version : 0.98 Upstream Author : Paul Mackerras pau...@samba.org, Jan Just Keijser janj...@nikhef.nl URL : http://samba.org/ppp/ License : BSD Programming Lang: C Description : PPP daemon with EAP-TLS authentication support This package contains an extended Point-to-Point Protocol (PPP) daemon with support for EAP-TLS authentication. The Extensible Authentication Protocol (EAP; RFC 3748) is a security protocol that can be used with PPP. It provides a means to plug in multiple optional authentication methods. Transport Level Security (TLS; RFC 2246) provides for mutual authentication, integrity-protected ciphersuite negotiation and key exchange between two endpoints. It also provides for optional MPPE encryption. EAP-TLS (RFC 2716) incapsulates the TLS messages in EAP packets, allowing TLS mutual authentication to be used as a generic EAP mechanism. It also provides optional encryption using the MPPE protocol. This authentication method can be used in both client or server mode. Hello, as far as I know Jan Just Keijser is already talking with upstream ppp to integrate his patch into mainline, have you talked with him prior to filing this ITP? Kind regards Harald Jenny -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101105114832.7272.37688.report...@localhost6.localdomain6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
On Fri, Nov 05, 2010 at 12:48:32PM +0100, Werner Jaeger wrote: Package name: ppp-2.4.5-eaptls-mppe Does the package name really need the version number encoded into it? Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `-GPG Public Key: 0x25BFB848 Please GPG sign your mail. signature.asc Description: Digital signature
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
Hello, good question. I tend to answer yes, because I can not think of another way to reflect the underlying PPPD version. Kind Regards Werner Jaeger From: Roger Leigh [rle...@codelibre.net] Sent: Friday, November 05, 2010 4:12 PM To: Jaeger, Werner; 602...@bugs.debian.org Cc: Debian Bug Tracking System Subject: Re: Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support On Fri, Nov 05, 2010 at 12:48:32PM +0100, Werner Jaeger wrote: Package name: ppp-2.4.5-eaptls-mppe Does the package name really need the version number encoded into it? Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `-GPG Public Key: 0x25BFB848 Please GPG sign your mail. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support
On Fri, Nov 05, 2010 at 01:36:28PM +0100, werner.jae...@t-systems.com wrote: Hello, Hi no, I've not talked to him so far, but it's really good to hear that. I'm going to contact him right now. Please keep me informed about what he had to say. The primary reason why I created this package is because my main package ?l2tp-ipsec-vpn-0.9.2? depends on a PPPD that is capable of handling EAP_TLS authentication. Ah I understand, then it will perhaps make sense to build the package although it may not live for long... Kind Regards Werner Jaeger Kind regards Harald Jenny From: Harald Jenny [har...@a-little-linux-box.at] Sent: Friday, November 05, 2010 1:20 PM To: Jaeger, Werner; 602...@bugs.debian.org Subject: Re: Bug#602503: ITP: ppp-2.4.5-eaptls-mppe -- PPP daemon with EAP-TLS authentication support On Fri, Nov 05, 2010 at 12:48:32PM +0100, Werner Jaeger wrote: Package: wnpp Severity: wishlist Owner: Werner Jaeger werner.jae...@t-systems.com Package name: ppp-2.4.5-eaptls-mppe Version : 0.98 Upstream Author : Paul Mackerras pau...@samba.org, Jan Just Keijser janj...@nikhef.nl URL : http://samba.org/ppp/ License : BSD Programming Lang: C Description : PPP daemon with EAP-TLS authentication support This package contains an extended Point-to-Point Protocol (PPP) daemon with support for EAP-TLS authentication. The Extensible Authentication Protocol (EAP; RFC 3748) is a security protocol that can be used with PPP. It provides a means to plug in multiple optional authentication methods. Transport Level Security (TLS; RFC 2246) provides for mutual authentication, integrity-protected ciphersuite negotiation and key exchange between two endpoints. It also provides for optional MPPE encryption. EAP-TLS (RFC 2716) incapsulates the TLS messages in EAP packets, allowing TLS mutual authentication to be used as a generic EAP mechanism. It also provides optional encryption using the MPPE protocol. This authentication method can be used in both client or server mode. Hello, as far as I know Jan Just Keijser is already talking with upstream ppp to integrate his patch into mainline, have you talked with him prior to filing this ITP? Kind regards Harald Jenny -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101105114832.7272.37688.report...@localhost6.localdomain6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org