On Thu, August 25, 2011 11:27 pm, Glen Zorn wrote: > On 8/26/2011 1:13 PM, Dan Harkins wrote: >> >> >> On Thu, August 25, 2011 10:32 pm, Glen Zorn wrote: >>> On 8/26/2011 4:22 AM, Dan Harkins wrote: >>> >>>>> 3) I think MSCHAPv2 is an entirely inappropriate MTI for this >>>>> mechanism. I brought that up as an example about how under certain >>>>> conditions the fact that something is the kind of thing the IETF >>>>> standardizes but is never the less informational should not block a >>>>> downward reference. I was attempting to explain my thinking on the >>>>> process issue to you, not to suggest MSCHAPv2 for this document. >>>>> Apparently I failed to explain my thinking on the process issue. >>>> >>>> I completely missed that. Sorry. But if the IETF standardized a >>>> wholly inappropriate protocol like MSCHAPv2 (it doesn't even generate >>>> a >>>> shared key) >>> >>> Please check your sources & refrain from spouting nonsense; if EAP-pwd >>> is really so wonderful you shouldn't need to disparage other work, it >>> should stand on its own merit. >> >> I stand corrected. That must be why draft-zorn-emu-team proposed using >> MSCHAPv2. Oh wait, it didn't. It proposed using EAP-pwd. > > & this has a relation to your misrepresentation how?
It doesn't really, it was a reference to your implication that EAP-pwd cannot stand on its own merit, and requires the disparagement of other work to prop it up. Which I think we can both agree is not the case. Anyway, yes I misrepresented MSCHAPv2. It does produce a key. I was wrong. But I still think the statement that MSCHAPv2 is inappropriate for doing server unauthenticated provisioning mode is valid even with a secret key output by MSCHAPv2. I hope we can both agree on that too. Dan. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
