Alper Yegin wrote:
the message types to major PANA state transitions or specific functions
(like ping), and the AVPs as options within the state change or
function.
In order to better understand what you are suggesting, can you please
tell
us what we need to change in our current design? Given that:
- We have phases (handshake, authentication and authorization, access,
re-authentication, termination).
- Each phase has a set of expected message types and specific flows
(e.g.,
handshake: PCI, PSR, PSA; termination: PTR, PTA; etc.).
But do you need authentication phases in PANA if you focus on being a
transport for EAP and let EAP handle the authentication phases? I could
certainly be wrong here, but at the surface it seems that this is a lot
of duplicate state between layers.
The phases I listed above are the "PANA phases". Two of the phases (auth and
authz, and re-auth) involve running (transporting) full "EAP sessions" (from
the beginning of the EAP authentication to the end). Other phases are more
about maintaining the PANA session, and they do not involve in transporting
EAP at all.
If EAP was simply being transported, I don't know why PANA would even
need to know whether it was an "auth" "reauth" "authz" or otherwise.
None of the level of details in these phases deals with "EAP authentication
phases" or "EAP method authentication phases". Those are completely
encapsulated inside the aforementioned two PANA phases.
That is good to hear.
The encapsulation is EAP_method/EAP/PANA (much like
EAP_method/EAP/any_other_transport).
It would help me a lot if you could provide an example of how the PANA
phases relate to other EAP transports. For example, does 802.1x or even
PPP have similar states as PANA?
A specific EAP method has its own phases and a state machine.
It is completely wrapped inside EAP with its own phases and state machine.
And that in turn is completely wrapped inside PANA with its own phases and
state machine.
I hope this makes sense.
It does, and I hope you can see that I am trying to drill down at the
heart of whether PANA truly needs all of the phases and states that it
has. If it doesn't, then perhaps we can take more steps at simplification.
- Mark
_______________________________________________
Pana mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/pana
