On 03/15/2013 04:04 AM, Robert Cragie wrote:
On 14/03/2013 9:42 PM, Michael Thomas wrote:
On 03/14/2013 10:03 AM, Michael Behringer (mbehring) wrote:
From: Michael Thomas [mailto:m...@mtcc.com]
[...]
In today's world access control is gated at L2 via wpa or similar. Are you
suggesting that we have a L3 equivalent? In addition? In replacement?
We need a solution to this problem. I think this is the first important thing
to note, and so far it isn't noted (or I missed it). Which solution is open for
discussion.
Can we agree thus far?
Well, it seems to me that we have a solution today at L2, at
least for wireless which is the most pressing need. Am I missing
something? Or are talking about remote access into your homenet?
L2 access is fine if the authenticator is one hop away. It won't work
otherwise. We had this issue with mesh networks using RPL where authentication
needs to be relayed through the existing network to the authenticator and
access control is performed by RPL routers on the boundary of the network. We
solved it using the PANA relay function (RFC 6345). I also have some ideas for
more complex network admission using multiple authenticators in a mesh network
which could apply here. I will try and get the ideas down in a digestible form.
So I guess where this is going is "should AAA be a part of the homenet
architecture". Yes? (fsvo: AAA).
Mike
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet