Hi all,
> I think SASL over EAP would be useful. Would it be in scope for EMU?
Thanks to Alan's comments (and others' silent agreement) I've been able
to answer this with "maybe" but, more importantly, "not yet".
We are designing and building an internet-wide identity system that uses
Diameter
Jim,
> [JLS] I am a bit surprised at hearing this is abandoned given that they
> released an update of the software on the 20th of April
I heard about stopping Moonshot years ago; this is newer info.
-Rick
___
Emu mailing list
Emu@ietf.org
-Original Message-
From: Emu On Behalf Of Rick van Rein
Sent: Wednesday, April 22, 2020 12:52 AM
To: Alan DeKok
Cc: EMU WG
Subject: Re: [Emu] Proposal: SASL over EAP
Hi Alan / EMU,
I'll try to talk to Paul @ SURF about Diameter <--> RADIUS; he runs Eduroam
and I think
Hi Alan / EMU,
I'll try to talk to Paul @ SURF about Diameter <--> RADIUS; he runs
Eduroam and I think he has mentioned Diameter before. Our use case is
completely new anyway, so we have a free choice.
Good to hear that EAP-SASL sounds implementable. We haven't built it,
but I usually
On Apr 18, 2020, at 3:55 PM, Rick van Rein wrote:
> This is turning into a discussion about RADIUS versus Diameter.
I'm suggesting that since EAP runs over AAA protocols, it helps to understand
where each AAA protocol is used, and why.
The alternative is to have a solution which isn't
Hi,
This is turning into a discussion about RADIUS versus Diameter. Please
note that this is not implied by my proposal of SASL over EAP; that I
merely want to be somewhat clear about how the use case could look.
I do thank you for evaluating these details, and am aware that the
anticipated
On Apr 18, 2020, at 2:05 PM, Rick van Rein wrote:
> The reason for Diameter is that it scales up to the Internet (in terms
> of connection pooling / efficiency and in terms of security). RADIUS is
> really useful for internal networks, but becomes rather clumsy when
> crossing the Internet -- it
Hi Alan,
>> An interesting usecase for EAP-SASL with all this would be WiFi and LAN
>> authentication (EAPOL or 802.1x) passed over Diameter to *any* domain on
>> the Internet, and receiving back tunnel information.
>
> Or RADIUS
That's what everyone is thinking ;-)
The reason for
On Apr 16, 2020, at 1:38 PM, Rick van Rein wrote:
> I think SASL over EAP would be useful. Would it be in scope for EMU?
I can't say if it's in scope. But I don't think there's any other place this
would would get done. So it's a "maybe".
> SASL is normally used for applications, while
Hello,
I think SASL over EAP would be useful. Would it be in scope for EMU?
SASL is normally used for applications, while EAP authenticates
networks. However, with VPNs these uses get mixed.
We're making a few other changes to SASL that line up with this:
- Diameter embedding of SASL tokens
10 matches
Mail list logo