ietf54 charter issues dealt with since ietf53 pana wg meeting basavaraj patil
TRANSCRIPT
![Page 1: IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil](https://reader035.vdocument.in/reader035/viewer/2022081811/56649ea45503460f94ba90a1/html5/thumbnails/1.jpg)
IETF54
Charter Issues Dealt with since IETF53
PANA WG Meeting
Basavaraj Patil
![Page 2: IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil](https://reader035.vdocument.in/reader035/viewer/2022081811/56649ea45503460f94ba90a1/html5/thumbnails/2.jpg)
IETF54
Issues Discussed and Closed
1. Separation or colocation of PAA and EP• Separation of the PAA and EP would require that there
be yet another protocol between the PAA and EP • Discussion in the WG and the need for simplicity has
concluded that the PAA and EP should be colocated
2. Location of PAA• Can the PAA be located beyond the first hop router or
point of network attachment• Conclusion of discussion is that the PAA is located on
the same IP subnet/link as the PaC (i.e generally the first hop router or even at the AP if the AP is IP enabled)
• “For simplicity, it is assumed that the PAA is attached to the same link as the device (i.e., no intermediary IP routers).“
![Page 3: IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil](https://reader035.vdocument.in/reader035/viewer/2022081811/56649ea45503460f94ba90a1/html5/thumbnails/3.jpg)
IETF54
3. The PAA is not the enforcement entity for access control• The PAA is only an interface to the backend AAA
infrastructure for authenticating a host• PAA can communicate with the EP which may be
the access router or node (AP) to provide ACLs, Policies or filters
• The actual mechanism for delivering these rules to the EP is outside the scope of this WG
4. IP Address assignment• Does a host require that it have an IP address
before PANA messaging occurs?• Conclusion: The node MUST have an IP address
before PANA messaging can be initiated
![Page 4: IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil](https://reader035.vdocument.in/reader035/viewer/2022081811/56649ea45503460f94ba90a1/html5/thumbnails/4.jpg)
IETF54
5. Is PANA required when 802.1x or PPP are available• .1x is applicable to 802 networks• PPP is suboptimal in L2s that resort to the use of
PPP for simply authentication reasons
• Conclusion: PANA does not compete or aim to replace 802.1x or PPP (dependent on scenarios). It simply provides another (Non L2 specific) way of accomplishing access authentication
![Page 5: IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil](https://reader035.vdocument.in/reader035/viewer/2022081811/56649ea45503460f94ba90a1/html5/thumbnails/5.jpg)
IETF54
Open Issues
1. Security implications of doing access authentication above L2• To be discussed as part of the problems to be
addressed in the solution discussion
![Page 6: IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil](https://reader035.vdocument.in/reader035/viewer/2022081811/56649ea45503460f94ba90a1/html5/thumbnails/6.jpg)
IETF54
Charter
Outcome of discussion:
• A revised charter which has a much more narrow focus and clear goal of what is to be defined in this WG
• Charter posted to ML and available at URL
• ADs have reviewed the charter. Awaiting IESG approval
![Page 7: IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil](https://reader035.vdocument.in/reader035/viewer/2022081811/56649ea45503460f94ba90a1/html5/thumbnails/7.jpg)
IETF54
Questions???