Hi Alan / EMU, I'll try to talk to Paul @ SURF about Diameter <--> RADIUS; he runs Eduroam and I think he has mentioned Diameter before. Our use case is completely new anyway, so we have a free choice.
Good to hear that EAP-SASL sounds implementable. We haven't built it, but I usually "mentally program" the stuff while spec'ing. > The concern is that the document does not explain *who* would use this > solution, or *why* they would use it. Or, why it would be used instead of > existing EAP methods. I can add that, thanks for asking. There are WG's where I've been requested to remove such contextual aspects. > The ABFAB working group standardized precisely this many years ago. One > implementation is Moonshot: > > https://www.jisc.ac.uk/rd/projects/moonshot I know about Moonshot, and that the project was abandoned. What it does iss the reverse; Moonshot runs EAP on top of GSS-API / SASL, whereas I am proposing SASL on top of EAP. > They demonstrated roaming users authenticating to home networks using EAP > over AAA. Not just for network access, but for SSH, Web login, etc. It > would be good to explain why ABFAB is not applicable to this problem. That is fair crisicism, and I will think it over for a new version. Thanks for the input, they are good input to a new version. I'll think about a few for a while, as that usually helps to better balance things. -Rick _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
