Re: [Anima] BRSKI over 802.11

2018-02-16 Thread Toerless Eckert
I am not even sure we would need to come up with just one permitted option. The two directions I see now from Owen's input: a) "enterprise" Model. Relying on AAA server to be able to authenticate Pledges based on e.g.: EAP-TLS with IDevID as auth. No additional SSID needed. Should try to also

Re: [Anima] BRSKI over 802.11

2018-02-16 Thread Michael Richardson
Owen Friel (ofriel) wrote: > [ofriel] I think a more comprehensive analysis of the various SSID > discover options (DPP, hardcoded SSID, NAI Realm,..) and how each fits > into the two post-SSID discovery options of (i) a new EAP-BRSKI > vs. (ii) reuse of EAP-TLS

Re: [Anima] BRSKI over 802.11

2018-02-16 Thread Owen Friel (ofriel)
t Lear (elear) <el...@cisco.com> Subject: Re: [Anima] BRSKI over 802.11 Owen, thanks for the extensive email... I actually read to the end. What's this legacy "DHCP" protocol? Does anyone still use it? :-) I thought IPv4 was an over-the-top service now.. :-) :-) It seems l

Re: [Anima] BRSKI over 802.11

2018-02-16 Thread Owen Friel (ofriel)
om>; Eliot Lear (elear) <el...@cisco.com> Subject: Re: [Anima] BRSKI over 802.11 Thanks, Owen, inline On Thu, Feb 15, 2018 at 07:54:48PM +, Owen Friel (ofriel) wrote: > (some context - I've been talking internally to Max and Eliot about > this quite a bit) > > First, a high

Re: [Anima] BRSKI over 802.11

2018-02-15 Thread Toerless Eckert
cher being tunnelled inside > EAP, etc. > 4. Once device has completed BRSKI and has an LDevID, it gets its EAP-Success > 5. AAA instructs WLC to put device in a network segment that grants it access > to all required services > 6. device does DHCP and we are done >

Re: [Anima] BRSKI over 802.11

2018-02-15 Thread Michael Richardson
Owen, thanks for the extensive email... I actually read to the end. What's this legacy "DHCP" protocol? Does anyone still use it? :-) I thought IPv4 was an over-the-top service now.. :-) :-) It seems like you have most of an ID already there... perhaps you'd like to write something up... since

Re: [Anima] BRSKI over 802.11

2018-02-15 Thread Owen Friel (ofriel)
rless Eckert Sent: Wednesday 14 February 2018 19:13 To: Michael Richardson <mcr+i...@sandelman.ca> Cc: anima@ietf.org Subject: Re: [Anima] BRSKI over 802.11 On Wed, Feb 14, 2018 at 02:08:20PM -0500, Michael Richardson wrote: > > Nancy mentioned other 802.11 options beside SSID, so

Re: [Anima] BRSKI over 802.11

2018-02-14 Thread Toerless Eckert
On Wed, Feb 14, 2018 at 02:08:20PM -0500, Michael Richardson wrote: > > Nancy mentioned other 802.11 options beside SSID, so maybe we should > > gate a decision to adopt any such work to the WG having sufficient > > understanding of what the existing options in 802.11 are that > >

Re: [Anima] BRSKI over 802.11

2018-02-14 Thread Michael Richardson
Toerless Eckert wrote: > I would prefer for any work in this space to happen in > followup document(s), not in BRSKI itself. I agree completely. I wasn't imagining putting it into the current document. > I think anything done in ANIMA should purely be describing

Re: [Anima] BRSKI over 802.11

2018-02-14 Thread Eliot Lear
Hi Toerless, On this point: On 14.02.18 17:56, Toerless Eckert wrote: > Aka: selecting the best SSID in face of competing offers > multiple or single AP is the type of work I think we should > give some thought to. Ideally something extensible > where we can in the first spec get away with a

Re: [Anima] BRSKI over 802.11

2018-02-14 Thread Toerless Eckert
Eliot: did I get you correctly? > > > > B.R. > > Bing > > > >> -Original Message- > >> From: Anima [mailto:anima-boun...@ietf.org] On Behalf Of Eliot Lear > >> Sent: Thursday, February 08, 2018 5:51 PM

Re: [Anima] BRSKI over 802.11

2018-02-12 Thread Nancy Cam-Winget (ncamwing)
On Behalf Of Eliot Lear >> Sent: Thursday, February 08, 2018 5:51 PM >> To: Artur Hecker <artur.hec...@huawei.com>; anima@ietf.org >> Subject: Re: [Anima] BRSKI over 802.11 >> >> Artur, >> >> I suspect

Re: [Anima] BRSKI over 802.11

2018-02-12 Thread Michael Richardson
Liubing (Leo) wrote: > A clarification question: it sounds like there are two approaches > proposed, not sure I understood it correctly: (1) > Michael's proposal: there is a dedicated SSID, say "Anima", it is > enabled by default, and there is no security.

Re: [Anima] BRSKI over 802.11

2018-02-12 Thread Eliot Lear
ng > >> -Original Message- >> From: Anima [mailto:anima-boun...@ietf.org] On Behalf Of Eliot Lear >> Sent: Thursday, February 08, 2018 5:51 PM >> To: Artur Hecker <artur.hec...@huawei.com>; anima@ietf.org >> Subject: Re: [Anima] BRSKI over 802.11 >>

Re: [Anima] BRSKI over 802.11

2018-02-11 Thread Liubing (Leo)
ehalf Of Eliot Lear > Sent: Thursday, February 08, 2018 5:51 PM > To: Artur Hecker <artur.hec...@huawei.com>; anima@ietf.org > Subject: Re: [Anima] BRSKI over 802.11 > > Artur, > > I suspect much – but not all – of this could be addressed in EAP. > > Eliot

Re: [Anima] BRSKI over 802.11

2018-02-08 Thread Eliot Lear
> >> -Original Message- >> From: Michael Richardson [mailto:mcr+i...@sandelman.ca] >> Sent: 07 February 2018 20:07 >> To: Artur Hecker <artur.hec...@huawei.com> >> Cc: anima@ietf.org >> Subject: Re: [Anima] BRSKI over 802.11 >> >

Re: [Anima] BRSKI over 802.11

2018-02-08 Thread Artur Hecker
an dictate to have. Regards artur > -Original Message- > From: Michael Richardson [mailto:mcr+i...@sandelman.ca] > Sent: 07 February 2018 20:07 > To: Artur Hecker <artur.hec...@huawei.com> > Cc: anima@ietf.org > Subject: Re: [Anima] BRSKI over 802.11 > >

Re: [Anima] BRSKI over 802.11

2018-02-07 Thread Michael Richardson
Artur Hecker wrote: > Hi Michael, > My opinion: I don't think understood the question :-) 1) It's not about Wireless Access Points, so all of the Wifi Alliance, etc. talk makes no sense to me. There can be no access points until they have been

Re: [Anima] BRSKI over 802.11

2018-02-07 Thread Artur Hecker
Hi Michael, My opinion: Q1: In principle, I believe that it would make sense to do it. However, a different question is whether ANIMA WG of the IETF is the right place for it. For instance, the integration of WPA-Enterprise you mentioned had been done by the WiFi-Alliance, albeit heavily