On 15/03/2013 18:49, Michael Thomas wrote: > On 03/15/2013 04:04 AM, Robert Cragie wrote: >> >> On 14/03/2013 9:42 PM, Michael Thomas wrote: >>> On 03/14/2013 10:03 AM, Michael Behringer (mbehring) wrote: >>>>> From: Michael Thomas [mailto:m...@mtcc.com] >>>> [...] >>>>> In today's world access control is gated at L2 via wpa or similar. >>>>> Are you >>>>> suggesting that we have a L3 equivalent? In addition? In replacement? >>>> We need a solution to this problem. I think this is the first >>>> important thing to note, and so far it isn't noted (or I missed it). >>>> Which solution is open for discussion. >>>> >>>> Can we agree thus far? >>> >>> Well, it seems to me that we have a solution today at L2, at >>> least for wireless which is the most pressing need. Am I missing >>> something? Or are talking about remote access into your homenet? >> L2 access is fine if the authenticator is one hop away. It won't work >> otherwise. We had this issue with mesh networks using RPL where >> authentication needs to be relayed through the existing network to the >> authenticator and access control is performed by RPL routers on the >> boundary of the network. We solved it using the PANA relay function >> (RFC 6345). I also have some ideas for more complex network admission >> using multiple authenticators in a mesh network which could apply >> here. I will try and get the ideas down in a digestible form. > > So I guess where this is going is "should AAA be a part of the homenet > architecture". Yes? (fsvo: AAA).
Yes for Authorisation. It's much less clear to me that (cryptographic) Authentication is a requirement, and fairly clear to me that Accounting isn't. Brian _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet