From dfhgdfh@dgfhh.com Thu Jan 1 05:26:16 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 47D8728C57D; Thu, 1 Jan 2009 05:26:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -35.017 X-Spam-Level: X-Spam-Status: No, score=-35.017 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i0R1mxIhw7HY; Thu, 1 Jan 2009 05:26:15 -0800 (PST) Received: from 093105157140.bpl.vectranet.pl (093105157140.bpl.vectranet.pl [93.105.157.140]) by core3.amsl.com (Postfix) with SMTP id E3B8B28CCFE; Thu, 1 Jan 2009 05:10:34 -0800 (PST) Message-ID: Date: Thu, 01 Jan 2009 08:10:28 -0500 From: "Helga Klein" Subject: Check out the Emporio Armani watches! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Helga, I had never seen such beautiful and greatly-performing watches like the ones I found online at http://www.clippeer.com/ We are offering wholesaler prices on all watches during the month of December. http://www.clippeer.com/ Our Franck Muller have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Klein From majy@alpha.ocn.ne.jp Thu Jan 1 17:34:29 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 340053A6AC5 for ; Thu, 1 Jan 2009 17:34:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.192 X-Spam-Level: ** X-Spam-Status: No, score=2.192 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SBL=20, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IZvYsW7tfOWB for ; Thu, 1 Jan 2009 17:34:28 -0800 (PST) Received: from 201-13-171-49.dial-up.telesp.net.br (201-13-171-49.dial-up.telesp.net.br [201.13.171.49]) by core3.amsl.com (Postfix) with SMTP id 058743A6992 for ; Thu, 1 Jan 2009 17:34:21 -0800 (PST) To: Subject: Happier Days Ahead with our products... From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090102013424.058743A6992@core3.amsl.com> Date: Thu, 1 Jan 2009 17:34:21 -0800 (PST)


Please do not reply to this email. To contact Max Volume, please visit us

This email message was sent to . If you do not wish to receive further communications from Max Volume, click here to unsubscribe.

If you've experience any difficulty in being removed from a Max Volume email list, click here for personalized help.

Copyright © 2008 Max Volume, Inc. All rights reserved.
65856 A Alaska, Luissvill, AT 43125

From o_cpeine@abraminterstate.com Thu Jan 1 21:12:36 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 94AE43A6A43 for ; Thu, 1 Jan 2009 21:12:36 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -38.367 X-Spam-Level: X-Spam-Status: No, score=-38.367 tagged_above=-999 required=5 tests=[BAYES_80=2, DNS_FROM_OPENWHOIS=1.13, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DYNAMIC=1.144, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MvZxX9TwyxjD for ; Thu, 1 Jan 2009 21:12:36 -0800 (PST) Received: from 85-18-136-97.fastres.net (85-18-136-97.fastres.net [85.18.136.97]) by core3.amsl.com (Postfix) with SMTP id 4AA7628C1A9 for ; Thu, 1 Jan 2009 21:11:50 -0800 (PST) To: Subject: We have you been, honey? From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090102051151.4AA7628C1A9@core3.amsl.com> Date: Thu, 1 Jan 2009 21:11:50 -0800 (PST) Having trouble viewing this email? Click here to view as a webpage. From asp@acyd.com.mx Fri Jan 2 01:23:17 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1050F3A63CB; Fri, 2 Jan 2009 01:23:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.892 X-Spam-Level: X-Spam-Status: No, score=-17.892 tagged_above=-999 required=5 tests=[BAYES_80=2, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1icFaQsWBFz1; Fri, 2 Jan 2009 01:23:16 -0800 (PST) Received: from 20151098074.user.veloxzone.com.br (20151098074.user.veloxzone.com.br [201.51.98.74]) by core3.amsl.com (Postfix) with SMTP id 677033A68B6; Fri, 2 Jan 2009 01:22:56 -0800 (PST) Message-ID: Date: Fri, 02 Jan 2009 04:22:48 -0500 From: "Everette Friend" Subject: Breitling watch for a New Year Gift! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Everette, If you've waited to get your Patek Phillipe watch, this is the right time to go for it. http://www.peonmeld.com/ Take advantage of our christmas specials and get yourself {$WATCH$} watch that you've always wanted! http://www.peonmeld.com/ Our Patek Phillipe have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Friend From adashi@nho.hosp.go.jp Fri Jan 2 13:02:32 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1D98B3A68C0; Fri, 2 Jan 2009 13:02:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.533 X-Spam-Level: X-Spam-Status: No, score=-12.533 tagged_above=-999 required=5 tests=[BAYES_60=1, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DSL=1.129, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i3bG1lla+Eic; Fri, 2 Jan 2009 13:02:31 -0800 (PST) Received: from ppp91-122-78-177.pppoe.avangarddsl.ru (ppp91-122-78-177.pppoe.avangarddsl.ru [91.122.78.177]) by core3.amsl.com (Postfix) with SMTP id 5E46B28C0E5; Fri, 2 Jan 2009 13:02:10 -0800 (PST) Message-ID: Date: Fri, 02 Jan 2009 16:02:01 -0500 From: "Bernadine Montoya" Subject: Vacheron Constantin watch models from 2009! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Bernadine, How about buying yourself a two Omega watches the same day? It's not impossible, mostly when you can get them for a couple hundred bucks http://www.peonmine.com/ Get two deeply discounted watches and take an extra 15% discount. http://www.peonmine.com/ Our Omega have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Montoya From meade@meadeoptical.com Sat Jan 3 11:40:52 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 20F123A6821; Sat, 3 Jan 2009 11:40:52 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -71.016 X-Spam-Level: X-Spam-Status: No, score=-71.016 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OtjBr14oTfLg; Sat, 3 Jan 2009 11:40:50 -0800 (PST) Received: from chello089074034080.chello.pl (chello089074034080.chello.pl [89.74.34.80]) by core3.amsl.com (Postfix) with SMTP id DA8963A69BF; Sat, 3 Jan 2009 11:40:37 -0800 (PST) Message-ID: Date: Sat, 03 Jan 2009 14:40:27 -0500 From: "Bryan Robles" Subject: Jaeger LeCoultre better than you could imagine! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Bryan, New Year is the time to get Chopard watch, and the only place to get top notch watches that look and perform exactly like the originals is http://www.wanemake.com/ Take advantage of our christmas specials and get yourself {$WATCH$} watch that you've always wanted! http://www.wanemake.com/ Our Chopard have Weights/feels and looks exactly same as original. Sincerely, Mr Robles From martin.cormick@agcba.gov.ar Sat Jan 3 14:59:09 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 235A43A6894 for ; Sat, 3 Jan 2009 14:59:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.586 X-Spam-Level: X-Spam-Status: No, score=-21.586 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_DB=0.888, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_HEXIP=2.204, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DK=1.009, HELO_EQ_DSL=1.129, HELO_EQ_DYNAMIC=1.144, HTML_EXTRA_CLOSE=2.809, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rHaHNYelj09C for ; Sat, 3 Jan 2009 14:59:09 -0800 (PST) Received: from 0x50a146c0.naenxx8.dynamic.dsl.tele.dk (0x50a146c0.naenxx8.dynamic.dsl.tele.dk [80.161.70.192]) by core3.amsl.com (Postfix) with SMTP id EAA5C3A63EC for ; Sat, 3 Jan 2009 14:59:07 -0800 (PST) To: Subject: Returned mail: Over quota From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090103225907.EAA5C3A63EC@core3.amsl.com> Date: Sat, 3 Jan 2009 14:59:07 -0800 (PST) About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

C2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 From agay@atlantafuel.com Sat Jan 3 23:12:06 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5C3663A6858; Sat, 3 Jan 2009 23:12:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -30.009 X-Spam-Level: X-Spam-Status: No, score=-30.009 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, HOST_EQ_STATIC=1.172, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w9Qq6ApqEkb5; Sat, 3 Jan 2009 23:12:05 -0800 (PST) Received: from 201-048-155-138.static.ctbctelecom.com.br (201-048-155-138.static.ctbctelecom.com.br [201.48.155.138]) by core3.amsl.com (Postfix) with SMTP id 44F3C3A6A67; Sat, 3 Jan 2009 23:11:51 -0800 (PST) Message-ID: Date: Sun, 04 Jan 2009 02:11:43 -0500 From: "Quinton Hinson" Subject: IWC better than you could imagine! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Quinton, If you've waited to get your Patek Phillipe watch, this is the right time to go for it. http://www.wanewanes.com/ We are offering wholesaler prices on all watches during the month of January 2009. http://www.wanewanes.com/ Our Patek Phillipe watches have perfect weight and feel same as orginal. Sincerely, Mr Hinson From liaqatd@accamail.com Sun Jan 4 12:37:03 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A8EB73A689C for ; Sun, 4 Jan 2009 12:37:03 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -47.429 X-Spam-Level: X-Spam-Status: No, score=-47.429 tagged_above=-999 required=5 tests=[BAYES_95=3, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1DEz2NXNxF+q for ; Sun, 4 Jan 2009 12:37:03 -0800 (PST) Received: from 77-105-14-31.smin-1.sezampro.yu (77-105-14-31.smin-1.sezampro.yu [77.105.14.31]) by core3.amsl.com (Postfix) with SMTP id 448F03A6813 for ; Sun, 4 Jan 2009 12:36:51 -0800 (PST) To: Subject: Don't reject my calls! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090104203655.448F03A6813@core3.amsl.com> Date: Sun, 4 Jan 2009 12:36:51 -0800 (PST) Having trouble viewing this email? Click here to view as a webpage. From lunchmote@aktiespararna.se Sun Jan 4 22:44:24 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BC4D03A6A97 for ; Sun, 4 Jan 2009 22:44:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.06 X-Spam-Level: X-Spam-Status: No, score=-22.06 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TJPxdgHn7miP for ; Sun, 4 Jan 2009 22:44:24 -0800 (PST) Received: from alsde.edu (unknown [121.247.129.69]) by core3.amsl.com (Postfix) with SMTP id 565213A6ABB for ; Sun, 4 Jan 2009 22:44:22 -0800 (PST) To: Subject: Don't disappear now! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090105064423.565213A6ABB@core3.amsl.com> Date: Sun, 4 Jan 2009 22:44:22 -0800 (PST) Having trouble viewing this email? Click here to view as a webpage. From mediates88@4sportscards.com Sun Jan 4 22:52:53 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A54533A6A97 for ; Sun, 4 Jan 2009 22:52:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -34.962 X-Spam-Level: X-Spam-Status: No, score=-34.962 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1XpofhOAyvCd for ; Sun, 4 Jan 2009 22:52:53 -0800 (PST) Received: from 007-jamesbond.com (unknown [59.180.188.164]) by core3.amsl.com (Postfix) with SMTP id 7D4E43A6ABB for ; Sun, 4 Jan 2009 22:52:50 -0800 (PST) To: Subject: Your order 67311 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090105065251.7D4E43A6ABB@core3.amsl.com> Date: Sun, 4 Jan 2009 22:52:50 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

©2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 89318
From 671steps_forev@surecast.com Sun Jan 4 23:11:21 2009 Return-Path: <671steps_forev@surecast.com> X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 01ECE3A6A5A; Sun, 4 Jan 2009 23:11:21 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.622 X-Spam-Level: X-Spam-Status: No, score=-15.622 tagged_above=-999 required=5 tests=[AWL=6.547, BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wwe2ddRJc6T0; Sun, 4 Jan 2009 23:11:20 -0800 (PST) Received: from host-81-190-221-72.wroclaw.mm.pl (host-81-190-221-72.wroclaw.mm.pl [81.190.221.72]) by core3.amsl.com (Postfix) with SMTP id AB79D3A6AD4; Sun, 4 Jan 2009 23:11:05 -0800 (PST) Message-ID: Date: Mon, 05 Jan 2009 02:11:02 -0500 From: "Justine Mock" Subject: Gucci watch for a New Year Gift! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Justine, I had never seen such beautiful and greatly-performing watches like the ones I found online at http://www.wanewall.com/ From kaspars@amf.lv Mon Jan 5 05:53:23 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D06A63A6868 for ; Mon, 5 Jan 2009 05:53:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -23.563 X-Spam-Level: X-Spam-Status: No, score=-23.563 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_EXTRA_CLOSE=2.809, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NH7Y3m9cgl1s for ; Mon, 5 Jan 2009 05:53:23 -0800 (PST) Received: from altmancos.com (unknown [189.24.48.97]) by core3.amsl.com (Postfix) with SMTP id E7B673A67AB for ; Mon, 5 Jan 2009 05:53:21 -0800 (PST) To: Subject: Non delivery report: 5.9.4 (Spam SLS/RBL) From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090105135321.E7B673A67AB@core3.amsl.com> Date: Mon, 5 Jan 2009 05:53:21 -0800 (PST) About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

C2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 From mcquade@accedoconsulting.com Mon Jan 5 10:36:24 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4F0C23A67D6 for ; Mon, 5 Jan 2009 10:36:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.088 X-Spam-Level: X-Spam-Status: No, score=-7.088 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR=2.426, HTML_EXTRA_CLOSE=2.809, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HeRm9gFtOQKd for ; Mon, 5 Jan 2009 10:36:23 -0800 (PST) Received: from ppp-94-69-135-45.home.otenet.gr (ppp-94-69-135-45.home.otenet.gr [94.69.135.45]) by core3.amsl.com (Postfix) with SMTP id 5ED9C3A67F9 for ; Mon, 5 Jan 2009 10:36:21 -0800 (PST) To: Subject: Undeliverable Mail From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090105183622.5ED9C3A67F9@core3.amsl.com> Date: Mon, 5 Jan 2009 10:36:21 -0800 (PST) About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

C2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 From dilip@dchakraborti.freeserve.co.uk Mon Jan 5 10:49:29 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F07AC28C0E2; Mon, 5 Jan 2009 10:49:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -8.085 X-Spam-Level: X-Spam-Status: No, score=-8.085 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DSL=1.129, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 23Mh7NQpbSQO; Mon, 5 Jan 2009 10:49:28 -0800 (PST) Received: from 239-232-222-201.adsl.terra.cl (239-232-222-201.adsl.terra.cl [201.222.232.239]) by core3.amsl.com (Postfix) with SMTP id 119CF28C11F; Mon, 5 Jan 2009 10:49:13 -0800 (PST) Message-ID: From: "Susanna Landis" Date: Mon, 05 Jan 2009 13:49:10 -0500 Subject: Longines cheaper than you could imagine! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Susanna, Looking for a Gucci watch that no one can tell from the original? You're in luck, because we have the best copies http://www.daymiss.com/ Get two deeply discounted watches and take an extra 15% discount. http://www.daymiss.com/ Our Gucci have Weights/feels and looks exactly same as original. Sincerely, Mr Landis From danc@aircoastal.net Mon Jan 5 22:10:39 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CB73A3A67EF; Mon, 5 Jan 2009 22:10:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.875 X-Spam-Level: X-Spam-Status: No, score=-3.875 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HOST_EQ_BR=1.295, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RI+WUY-+e++j; Mon, 5 Jan 2009 22:10:38 -0800 (PST) Received: from 200-181-84-24.bsace705.dsl.brasiltelecom.net.br (200-181-84-24.bsace705.dsl.brasiltelecom.net.br [200.181.84.24]) by core3.amsl.com (Postfix) with SMTP id CE98B3A69BC; Mon, 5 Jan 2009 22:10:21 -0800 (PST) Message-ID: From: "Cedric Peck" Date: Tue, 06 Jan 2009 01:10:16 -0500 Subject: Gucci better than you could imagine! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Cedric, I had never seen such beautiful and greatly-performing watches like the ones I found online at http://www.maymap.com/ Take advantage of our christmas specials and get yourself Patek Phillipe watch that you've always wanted! http://www.maymap.com/ Our Patek Phillipe watches have perfect weight and feel same as orginal. Sincerely, Mr Peck From pana@aleph.it Tue Jan 6 04:12:28 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7F8AC3A68A4 for ; Tue, 6 Jan 2009 04:12:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -29.092 X-Spam-Level: X-Spam-Status: No, score=-29.092 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DATE_IN_PAST_06_12=1.069, FH_HOST_EQ_D_D_D_D=0.765, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HOST_EQ_PL=1.95, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, MSGID_MULTIPLE_AT=1.449, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_FROM_DRUGS=1.666, SARE_UN7=0.917, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8phmgiKxDFc4 for ; Tue, 6 Jan 2009 04:12:21 -0800 (PST) Received: from lyris.scrippsnetworksnewsletters.com (host-89-230-151-77.inowroclaw.mm.pl [89.230.151.77]) by core3.amsl.com (Postfix) with SMTP id E2E013A6768 for ; Tue, 6 Jan 2009 04:12:19 -0800 (PST) List-Unsubscribe: Message-ID: DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=2008; d=foodnewsletters.com; h=from; b=wNN6nk6fUAGUBAbIUP3lKlCgqk5zVmTQVMeARFqChiuGcWxbK/emIzfSwyaXzzoru5ZTgJOA 0MO07yoDA9ZEHw== From: "admin@Viagra.com" To: pana-archive@ietf.org Subject: gapnf pana-archive@ietf.org; New Year 70% OFF on Pfizer uoea Date: Tue, 6 Jan 2009 01:15:21 +0100 MIME-Version: 1.0 Content-Type: text/html; charset="ISO-8859-1" Content-Transfer-Encoding: 8bit Food Network Newsletter
This message contains images. If you don't see images, click here to view.
Food Network
Tue, 6 Jan 2009 01:15:21 +0100
Home |

HAPPY CHRISTMAS CLICK HERE

Copyright 2009 Television Food Network, G.P., All Rights Reserved.
2009 Scripps Networks Interactive, 9721 Sherrill Blvd., Knoxville, TN 37932
From masae@384.jp Tue Jan 6 05:57:26 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E2B2A3A685C for ; Tue, 6 Jan 2009 05:57:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -34.773 X-Spam-Level: X-Spam-Status: No, score=-34.773 tagged_above=-999 required=5 tests=[BAYES_95=3, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR=2.426, HOST_EQ_DHCP=1.295, HTML_EXTRA_CLOSE=2.809, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id biT5YaB-txkk for ; Tue, 6 Jan 2009 05:57:20 -0800 (PST) Received: from nv-71-49-133-112.dhcp.embarqhsd.net (nv-71-49-133-112.dhcp.embarqhsd.net [71.49.133.112]) by core3.amsl.com (Postfix) with SMTP id 77BD73A699E for ; Tue, 6 Jan 2009 05:57:18 -0800 (PST) To: Subject: Returned mail: Over quota From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090106135719.77BD73A699E@core3.amsl.com> Date: Tue, 6 Jan 2009 05:57:18 -0800 (PST) About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

C2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 From pana-bounces@ietf.org Tue Jan 6 12:26:16 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 793B93A692F; Tue, 6 Jan 2009 12:26:16 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6D7403A6817 for ; Tue, 6 Jan 2009 12:26:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.974 X-Spam-Level: X-Spam-Status: No, score=-1.974 tagged_above=-999 required=5 tests=[AWL=-0.575, BAYES_00=-2.599, J_CHICKENPOX_72=0.6, J_CHICKENPOX_74=0.6] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cH5IXhAFj1vS for ; Tue, 6 Jan 2009 12:26:13 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 6B8983A67A5 for ; Tue, 6 Jan 2009 12:26:13 -0800 (PST) Received: from steelhead.localdomain (tarij-62.tari.toshiba.com [172.30.24.110]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n06KNg5f042916; Tue, 6 Jan 2009 15:23:42 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LKIUk-0000t6-KQ; Tue, 06 Jan 2009 15:25:46 -0500 Date: Tue, 6 Jan 2009 15:25:46 -0500 From: Yoshihiro Ohba To: Qin Wu Message-ID: <20090106202546.GK31353@steelhead.localdomain> References: <20081025144337.GA20427@steelhead.localdomain> <00c701c96338$7120c060$ff5afea9@D50B3A3B0629485> <20081222203954.GC7742@steelhead.localdomain> <000f01c964ad$ba33b340$1c0ca40a@china.huawei.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <000f01c964ad$ba33b340$1c0ca40a@china.huawei.com> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: Basavaraj Patil , pana@ietf.org Subject: Re: [Pana] I-D: draft-ietf-pana-preauth X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Qin, Sorry for my delayed response. Please see my comments below. On Tue, Dec 23, 2008 at 11:22:46AM +0800, Qin Wu wrote: > Dear Yoshihiro: > Thank for your reply, please see my followup comments below. > -Qin > ----- Original Message ----- > From: "Yoshihiro Ohba" > To: "wuqin" > Cc: "Basavaraj Patil" ; > Sent: Tuesday, December 23, 2008 4:39 AM > Subject: Re: [Pana] I-D: draft-ietf-pana-preauth > > > > Hi Qin, > > > > Thank you very much for the review! Please see my comments below. > > > > On Sun, Dec 21, 2008 at 02:50:41PM +0800, wuqin wrote: > >> > >> 1. Introduction > >> > >> The Protocol for carrying Authentication for Network Access (PANA) > >> [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA > >> (PANA Authentication Agent) in the access network. If the PaC is a > >> mobile device and is capable of moving one access network to another > >> while running its applications, it is critical for the PaC to perform > >> a handover seamlessly without degrading the performance of the > >> applications during the handover period. When the handover requires > >> the PaC to establish a PANA session with the PAA in the new access > >> network, the signaling to establish the PANA session should be > >> completed as fast as possible. > >> > >> [Qin]:Before the mobile device moves, is it true to establish a PANA session with the PAA in the new access network? > > > > Yes. > > > >> How to keep this PANA session uninterruption during the mobile device moves? Which identifier is used to distinguish > >> this PANA session? the old IP address allocated in the old access network? the new IP address allocated in the new access network? > > > > The PANA session is identified by the Session Identifier defined in > > RFC 5141. In the case of PANA pre-authentication, the old IP address > > allocated in the old access network is used for establishing the PANA > > session with the PAA in another access network. > [Qin] The Mobile IP protocol allows the mobile move from one link to another link without changing its "home address". In this way, the transport and high-layer connection can be maintained. In PANA pre-authentication scenario, When the mobile attachs to the new link, the old IP address (i.e., old Care of address) will not be available, Before the mobile gets a new IP address, How can you keep the PANA session uninterruption? I am not sure what 'interruption' means here, but the PANA session is supposed to exist until one of session termination events occur, and handover is not listed as a session termination event. Please see the definition of PANA Session in Section 2 of RFC 5191 for the session termination events. > >> > >> This document defines an extension to the PANA protocol [RFC5191] > >> used for proactively executing EAP authentication and establishing a > >> PANA SA (Security Association) between a PaC in an access network and > >> > >> [Qin]:It mentions after Pre-authentication, PANA SA is required to be established, However > >> withouth key materials derivation and delivery, a PANA SA can not be established. So key materials > >> derivation and delivery mechanism is one integral part of PANA Pre-authentication, is it true? > >> How to perform key materials derivation and delivery during the pre-authentication? > > > > Key derivation and delivery for the candidate PAA is performed in the > > same as normal PANA session, i.e., an MSK is derived and delivered to > > the PAA from EAP server. > [Qin] Since the key derivation and delivery happen before PANA SA establishment and after the successful pre-authentication, the key derivation and delivery is a integral part of pre-authentication. Yes, and we assume the same key derivation and delivery mechanism as for the normal EAP authentication is used for pre-authentication. > >> > >> a PAA in another access network to which the PaC may move. The > >> proposed method operates across multiple AAA domains. > >> > >> [Qin]:What I understand PANA authentication here is one kind of user authentication, However without network entry,i.e., the PaC attaching to the new access network, why the new access network allow a PaC in the previous access network establish a PANA SA with a PAA in the new access network? I wonder for network security consideration, whether a PaC far away from the new Access network can get permission to be remote authentication? > > > > Well, it depends on network access policies which is out of scope of > > this draft. If a PaC is communicating with the candidate PAA from an > > access network that is not allowed for pre-authentication based on the > > policies, then pre-authentication attempt can be rejected. > [Qin] So you agree in some scenario, pana-preauthentication does not work. Actually if my understanding is correct, the existing access network owned by the operator does not support this feature,does it? I guess I miss your point here. I think nothing is wrong if the existing access network owned by the operator does not support pre-authentication. > >> > >> The extension to the PANA protocol is designed to realize direct pre-authentication > >> defined in [I-D.ietf-hokey-preauth-ps]. > >> > >> [Qin]Why PANA protocol is only used to realize direct pre-authentication? Why indirect pre-authentication > >> can not be realized based PANA protocol? > > > > I think technicaly it is possible to use PANA for indirect > > pre-authentication (described in draft-ietf-hokey-preauth-ps) as well. > > However, in indirect pre-autentication, the role of the serving > > authenticator is just forwarding EAP messages between peer and > > candidate authenticator, and hence no EAP peer or authenticator state > > needs to be maintained on the serving authenticator with regard to > > pre-authentication. So I would think that it may be too much for the > > serving authenticator to use PANA for indirect pre-authentication. > [Qin] I can not agree. In the draft-ietf-hokey-preauth-ps-05, it said Indirect pre- > authentication is needed if the peer cannot discover the candidate > authenticator's IP address or if IP communication is not available > due to security or network topology reasons. > It seems what you explain is not consistent with the text mentioned above. > Actually, if the serving authenticator can perform pre-authentication on behalf of the mobile, it will alleviate the overhead of the mobile greatly. What I meant is, there are two pre-authentication sceanarios (i.e., direct pre-auth and indirect pre-auth) and PANA pre-auth is defined as one solution for direct pre-auth. The draft-ietf-hokey-preauth-ps I-D does not mention which pre-authentication scenario is better. > >> > >> When a CPAA with which the PaC has a pre-authorization SA becomes the > >> SPAA due to, e.g., movement of the PaC, the PaC performs an IP > >> address update procedure defined in Section 5.6 of [RFC5191] in order > >> to update the SPAA with the PaC's new address obtained from the new > >> serving network. PANA-Notification-Request (PNR) and PANA- > >> Notification-Answer (PNA) messages with 'P' (Ping) bit set are used > >> for this purpose. The completion of the IP address update procedure > >> will change the pre-authorization SA to a post-authorization SA. In > >> this case, the 'E' MUST NOT be set in the PNR and PNA messages and > >> subsequent PANA messages. > >> > >> [Qin]It seems the IP address udpate procedure is a part of pre-authentication, > >> without IP address udpate, Pre-authentication can not be regarded as completion. > >> However before the IP address is updated, how to make PANA pre-authentication > >> keep service continuity? > > > > According to RFC 5193, the PaC dynamically or statically configures an > > IP address prior to running PANA. So we assume that the new IP > > address is configured prior to completion of post-authorization with > > CPAA. This is certainly possible if lower-layer security for the > > target access network is bootstrapped using the MSK established by > > PANA pre-authentication before obtaining the new IP address. > [Qin] I am confused here. > First, Why the target access network needs to be bootstrapped? I only heard about Bootstapping for the Mobile terminal. I meant bootstrapping the mobile terminal for the target access network. > Second, Since the pre-authoration SA is identified with the old IP address, When the Mobile moves the the target access network and has not obtained the new IP address, the old IP address will not be available, it means the pre-authorization SA is invalid. the PANA session will be interrupted for a while during the handover. In this situation, the PANA pre-authentication should depend on the layer 2 security before the pre-authorization SA becomes the post-authorization SA. When and How is the layer 2 security established? > Before the mobile moves to the target network, whether the layer 2 connection should be maintained? Please see my first comment above how the PANA session is supposed to stay during handover. For enabling L2 ciphering before the pre-authorization SA becomes post-authorization SA, I am assuming use of pana-pemk (http://tools.ietf.org/html/draft-ohba-pana-pemk-02). If this mechanism is not available, then the target access network would have to either allow IP address acquisition before L2 ciphering is enabled or provide no L2 ciphering. > >> > >> If there is another CPAA with which the PaC has a pre-authorization > >> SA and the PaC wants to keep the pre-authorization SA after the > >> change of SPAA, the PaC also performs an IP address update procedure > >> [Qin] Do you mean PANA pre-authentication can work for dual radio case or something else? > > > > PANA pre-authentication can work with single and dual radios (but > > effectiveness for dual radio case may not be so large). > [Qin] I have to point out one thing here, > Dual radios case means the mobile attachs to the old link and the new link simutaneously. Since the PANA pre-authentication support dual radio case, it means not only L3 connection (PANA session) but also L2 connection exist between the peer and the candidate authentication before the mobile moves to the target network, do they? Yes. > >> > >> defined in Section 5.6 of [RFC5191] in order to update the CPAA with > >> the PaC's new address. PNR and PNA messages with 'P' (Ping) bit set > >> is used for this purpose. In this case, the 'E' (prE-authentication) > >> bit MUST be set in the PNR and PNA messages and subsequent PANA > >> messages. The IP address update procedure with the CPAA will not > >> change the pre-authorization SA to a post-authorization SA. > >> > >> [Qin] At the first time when the PaC establish SA with one CPAA, the IP address update procedure > >> with this CPAA can change the pre-authentication SA to a post-authroziation SA? However,At the second time when the Pac establish SA with another CPAA, why the IP adress update procedure with this CPAA can not change the pre-authorization to a post authorization SA? > > > > It depends on 'E' bit settings. If the IP address changes but with > > 'E' bit set, > [Qin]It is a typo here? what you want to said here is "If the IP address changes but without 'E' bit set" This not a typo. If 'E' bit is set for an established PANA session with a pre-authorization SA, then it means that the pre-authorization SA is kept as it is without migrating to post-authorization SA. > >then migration from pre-authentication SA to > > post-authentication SA will not occur. On the other hand, the CPAA > > should allow migration from pre-authentication SA to > > post-authentication SA only from an interface that serves for its > > access network to avoid undesired upgrading to post-authentication SA > > by a remote node. We can add some text on it. > [Qin] It will be better. OK. > My understanding is only when the candidate network is a target network, the pre-authorization SA can become post-ahorization SA. Yes. > Upon one of candidate network becomes the target network, the other candidate network can not be viewed as the target network. also the pre-authoriation SA can not be allowed to become post-authorizaiton SA, it that right? That's right. > > >> > >> > >> The pre-authorization SA and the corresponding PANA session between > >> the PaC and a CPAA is deleted by entering the termination phase of > >> the PANA protocol. > >> > >> Example call flows for PaC-initiated pre-authentication and PAA- > >> initiated pre-authentication are shown in Figure 1 and Figure 2, > >> respectively. > >> [Qin]In the example call flows, which steps are used to generate keying materials? > >> which step is used to establish the SA? > >> How many roundtrips exchange it takes to perform pre-authentication between PaC and CPAA? how long it takes to complete > >> a full pre-authentication? what's the handover performance improvement in constrast with EAP pre-authentication? > > > > Keying material is established with CPAA in the last PAR/PAN exchange > > with 'C' bit set, in the same way as RFC 5191. > Message exchanges > > between PaC and CPAA for pre-authentication are the same as RFC 5191, > > the number of roundtrips depend on the EAP method, > [Qin] what i concern here is in Figure 1: PaC-initiated Pre-authentication Call Flow, there are four piece of message changes before Pre-authroziation, after that, there are two piece of message changes to establish keying materials, It seems you indicate one EAP method is used here. So I suggest to add some text to clarify it. Thanks. Sure, we can add some text that EAP authentication is performed over the PAR-PAN exchanges. > in the same way as > > RFC 5191. The only difference is additional 'E' bit is used in PANA > > pre-auth. > >I don't understand the last question since PANA > > pre-authentication is an EAP pre-authentication. > [Qin] Yeah, the pana is just a protocol to carry EAP message. Thank for your correcting me. > >> > >> 5. Authorization and Accounting Considerations > >> > >> A pre-authorization and a post-authorization for the PaC may have > >> different authorization policies. For example, the pre-authorization > >> policy may not allow the PaC to sent or receive packets through an > >> Enforcement Point (EP) that is under control of the CPAA, while both > >> the pre-authorization and post-authorization policies may allow > >> installing credentials to the EP, where the credentials are used for > >> establishing a security association for per-packet cryptographic > >> filtering. > >> > >> In an access network where accounting is performed, accounting starts > >> when the pre-authorization SA becomes the post-authorization SA by > >> default. > >> [Qin] What's the main difference between pre-authorization SA and post-authorization SA? > >> Only IP address that distinguish these two SA? > > > > We distinguish the two SA based on the 'E' bit settings. It may be > > possible to use IP address solely to distinguish the two SAs, e.g., > > PANA message from IP address that do not belong to the realm of the > > PAA could be associated with a pre-authorization SA. However, I would > > not recommend that scheme because it will be vulnerable to IP address > > spoofing. IMO, it's securer to use proteced indication based on 'E' > > bit (note that 'E' bit is protected in the last PAR/PAN exchange). > [Qin] I want to point out whether or not use IP address to distinguish the two SA, each SA should include IP address. > Also I don't think use on bit of 'E' is more secure than use one IP address. I believe 'E' bit is more secure than IP address because 'E' bit is protected once PANA SA is established while IP address is not protected. Regards, Yoshihiro Ohba > > Thanks, > > Yoshihiro Ohba > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From kless@abbottexcellence.com Tue Jan 6 13:59:47 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2EF483A69D2 for ; Tue, 6 Jan 2009 13:59:47 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.717 X-Spam-Level: X-Spam-Status: No, score=-4.717 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_OPENWHOIS=1.13, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XnFp6M2-F0A7 for ; Tue, 6 Jan 2009 13:59:46 -0800 (PST) Received: from pc-91-92-241-201.cm.vtr.net (pc-91-92-241-201.cm.vtr.net [201.241.92.91]) by core3.amsl.com (Postfix) with SMTP id 786673A69B1 for ; Tue, 6 Jan 2009 13:59:44 -0800 (PST) To: Subject: Here is my number From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090106215945.786673A69B1@core3.amsl.com> Date: Tue, 6 Jan 2009 13:59:44 -0800 (PST) Having trouble viewing this email? Click here to view as a webpage. From admiss@ndnu.edu Tue Jan 6 14:45:25 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B4E323A69C9; Tue, 6 Jan 2009 14:45:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -24.586 X-Spam-Level: X-Spam-Status: No, score=-24.586 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DSL=1.129, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oNeEAZkxvydX; Tue, 6 Jan 2009 14:45:25 -0800 (PST) Received: from 190-82-230-243.adsl.tie.cl (190-82-230-243.adsl.tie.cl [190.82.230.243]) by core3.amsl.com (Postfix) with SMTP id 3EC183A6B01; Tue, 6 Jan 2009 14:45:13 -0800 (PST) Message-ID: From: "Kennith Adair" Date: Tue, 06 Jan 2009 17:45:08 -0500 Subject: Tag Heuer cheaper than you could imagine! To: p2prg@ietf.org Content-Type: text/plain Content-Transfer-Encoding: 7bit Dear Kennith, Looking for a Breitling watch that no one can tell from the original? You're in luck, because we have the best copies http://www.mindmay.com/ Get two deeply discounted watches and take an extra 15% discount. http://www.mindmay.com/ Our Breitling have Weights/feels and looks exactly same as original. Sincerely, Mr Adair From noe@airsight.de Wed Jan 7 15:08:17 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7F4AF3A6905 for ; Wed, 7 Jan 2009 15:08:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -31.507 X-Spam-Level: X-Spam-Status: No, score=-31.507 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zOBAgcV1Q83n for ; Wed, 7 Jan 2009 15:08:16 -0800 (PST) Received: from alexmannjobs.com (unknown [190.244.20.55]) by core3.amsl.com (Postfix) with SMTP id CE2C53A67FB for ; Wed, 7 Jan 2009 15:08:15 -0800 (PST) To: Subject: Can't you answer the call? From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090107230815.CE2C53A67FB@core3.amsl.com> Date: Wed, 7 Jan 2009 15:08:15 -0800 (PST) Having trouble viewing this email? Click here to view as a webpage. From pana-bounces@ietf.org Thu Jan 8 01:29:39 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2D6AE28C155; Thu, 8 Jan 2009 01:29:39 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 826C928C157 for ; Thu, 8 Jan 2009 01:29:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.713 X-Spam-Level: X-Spam-Status: No, score=-0.713 tagged_above=-999 required=5 tests=[AWL=0.686, BAYES_00=-2.599, J_CHICKENPOX_72=0.6, J_CHICKENPOX_74=0.6] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kTE+1qPCJe4d for ; Thu, 8 Jan 2009 01:29:36 -0800 (PST) Received: from szxga03-in.huawei.com (szxga03-in.huawei.com [119.145.14.66]) by core3.amsl.com (Postfix) with ESMTP id ECFEA28C14B for ; Thu, 8 Jan 2009 01:29:35 -0800 (PST) Received: from huawei.com (szxga03-in [172.24.2.9]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0KD500C41BLEQE@szxga03-in.huawei.com> for pana@ietf.org; Thu, 08 Jan 2009 17:27:14 +0800 (CST) Received: from huawei.com ([172.24.1.12]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0KD500HGWBLEPR@szxga03-in.huawei.com> for pana@ietf.org; Thu, 08 Jan 2009 17:27:14 +0800 (CST) Received: from w53375a ([10.164.12.28]) by szxml05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0KD500ID3BLDOK@szxml05-in.huawei.com> for pana@ietf.org; Thu, 08 Jan 2009 17:27:14 +0800 (CST) Date: Thu, 08 Jan 2009 17:27:11 +0800 From: Qin Wu To: Yoshihiro Ohba Message-id: <01dd01c97173$491ee8f0$1c0ca40a@china.huawei.com> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3350 X-Mailer: Microsoft Outlook Express 6.00.2900.3138 X-Priority: 3 X-MSMail-priority: Normal References: <20081025144337.GA20427@steelhead.localdomain> <00c701c96338$7120c060$ff5afea9@D50B3A3B0629485> <20081222203954.GC7742@steelhead.localdomain> <000f01c964ad$ba33b340$1c0ca40a@china.huawei.com> <20090106202546.GK31353@steelhead.localdomain> Cc: Basavaraj Patil , pana@ietf.org Subject: Re: [Pana] I-D: draft-ietf-pana-preauth X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi, Yoshihiro: Thanks for your reply. Please see inline. Best Regards! Qin Wu ----- Original Message ----- From: "Yoshihiro Ohba" To: "Qin Wu" Cc: ; "Basavaraj Patil" Sent: Wednesday, January 07, 2009 4:25 AM Subject: Re: [Pana] I-D: draft-ietf-pana-preauth > Hi Qin, > > Sorry for my delayed response. Please see my comments below. > > On Tue, Dec 23, 2008 at 11:22:46AM +0800, Qin Wu wrote: >> Dear Yoshihiro: >> Thank for your reply, please see my followup comments below. >> -Qin >> ----- Original Message ----- >> From: "Yoshihiro Ohba" >> To: "wuqin" >> Cc: "Basavaraj Patil" ; >> Sent: Tuesday, December 23, 2008 4:39 AM >> Subject: Re: [Pana] I-D: draft-ietf-pana-preauth >> >> >> > Hi Qin, >> > >> > Thank you very much for the review! Please see my comments below. >> > >> > On Sun, Dec 21, 2008 at 02:50:41PM +0800, wuqin wrote: >> >> >> >> 1. Introduction >> >> >> >> The Protocol for carrying Authentication for Network Access (PANA) >> >> [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA >> >> (PANA Authentication Agent) in the access network. If the PaC is a >> >> mobile device and is capable of moving one access network to another >> >> while running its applications, it is critical for the PaC to perform >> >> a handover seamlessly without degrading the performance of the >> >> applications during the handover period. When the handover requires >> >> the PaC to establish a PANA session with the PAA in the new access >> >> network, the signaling to establish the PANA session should be >> >> completed as fast as possible. >> >> >> >> [Qin]:Before the mobile device moves, is it true to establish a PANA session with the PAA in the new access network? >> > >> > Yes. >> > >> >> How to keep this PANA session uninterruption during the mobile device moves? Which identifier is used to distinguish >> >> this PANA session? the old IP address allocated in the old access network? the new IP address allocated in the new access network? >> > >> > The PANA session is identified by the Session Identifier defined in >> > RFC 5141. In the case of PANA pre-authentication, the old IP address >> > allocated in the old access network is used for establishing the PANA >> > session with the PAA in another access network. >> [Qin] The Mobile IP protocol allows the mobile move from one link to another link without changing its "home address". In this way, the transport and high-layer connection can be maintained. In PANA pre-authentication scenario, When the mobile attachs to the new link, the old IP address (i.e., old Care of address) will not be available, Before the mobile gets a new IP address, How can you keep the PANA session uninterruption? > > I am not sure what 'interruption' means here, but the PANA session is > supposed to exist until one of session termination events occur, and > handover is not listed as a session termination event. Please see the > definition of PANA Session in Section 2 of RFC 5191 for the session > termination events. [Qin] From the defintion of pana session in section 2 of RFC5191, the termination event usually happen in case of failure or authentication exception. I can not see any mechanism to keep session continuity. I wonder whether PANA session need to support mobility? What's the relationship between PANA session and mobile IP session? >> >> >> >> This document defines an extension to the PANA protocol [RFC5191] >> >> used for proactively executing EAP authentication and establishing a >> >> PANA SA (Security Association) between a PaC in an access network and >> >> >> >> [Qin]:It mentions after Pre-authentication, PANA SA is required to be established, However >> >> withouth key materials derivation and delivery, a PANA SA can not be established. So key materials >> >> derivation and delivery mechanism is one integral part of PANA Pre-authentication, is it true? >> >> How to perform key materials derivation and delivery during the pre-authentication? >> > >> > Key derivation and delivery for the candidate PAA is performed in the >> > same as normal PANA session, i.e., an MSK is derived and delivered to >> > the PAA from EAP server. >> [Qin] Since the key derivation and delivery happen before PANA SA establishment and after the successful pre-authentication, the key derivation and delivery is a integral part of pre-authentication. > > Yes, and we assume the same key derivation and delivery mechanism as > for the normal EAP authentication is used for pre-authentication. [Qin] Thanks for your clarification. >> >> >> >> a PAA in another access network to which the PaC may move. The >> >> proposed method operates across multiple AAA domains. >> >> >> >> [Qin]:What I understand PANA authentication here is one kind of user authentication, However without network entry,i.e., the PaC attaching to the new access network, why the new access network allow a PaC in the previous access network establish a PANA SA with a PAA in the new access network? I wonder for network security consideration, whether a PaC far away from the new Access network can get permission to be remote authentication? >> > >> > Well, it depends on network access policies which is out of scope of >> > this draft. If a PaC is communicating with the candidate PAA from an >> > access network that is not allowed for pre-authentication based on the >> > policies, then pre-authentication attempt can be rejected. >> [Qin] So you agree in some scenario, pana-preauthentication does not work. Actually if my understanding is correct, the existing access network owned by the operator does not support this feature,does it? > > I guess I miss your point here. I think nothing is wrong if the > existing access network owned by the operator does not support > pre-authentication. [Qin] You are right. I just want to get your confirmation about whether the existing access network can support pre-authentication mechanism. It is not important now. >> >> >> >> The extension to the PANA protocol is designed to realize direct pre-authentication >> >> defined in [I-D.ietf-hokey-preauth-ps]. >> >> >> >> [Qin]Why PANA protocol is only used to realize direct pre-authentication? Why indirect pre-authentication >> >> can not be realized based PANA protocol? >> > >> > I think technicaly it is possible to use PANA for indirect >> > pre-authentication (described in draft-ietf-hokey-preauth-ps) as well. >> > However, in indirect pre-autentication, the role of the serving >> > authenticator is just forwarding EAP messages between peer and >> > candidate authenticator, and hence no EAP peer or authenticator state >> > needs to be maintained on the serving authenticator with regard to >> > pre-authentication. So I would think that it may be too much for the >> > serving authenticator to use PANA for indirect pre-authentication. >> [Qin] I can not agree. In the draft-ietf-hokey-preauth-ps-05, it said Indirect pre- >> authentication is needed if the peer cannot discover the candidate >> authenticator's IP address or if IP communication is not available >> due to security or network topology reasons. >> It seems what you explain is not consistent with the text mentioned above. >> Actually, if the serving authenticator can perform pre-authentication on behalf of the mobile, it will alleviate the overhead of the mobile greatly. > > What I meant is, there are two pre-authentication sceanarios (i.e., > direct pre-auth and indirect pre-auth) and PANA pre-auth is defined as > one solution for direct pre-auth. The draft-ietf-hokey-preauth-ps I-D > does not mention which pre-authentication scenario is better. [Qin] Correct. Actually what i concern here is in the model(Peer-CA-AAA)model, more threats will be introduced for layer 3 authentication without association with the CA. >> >> >> >> When a CPAA with which the PaC has a pre-authorization SA becomes the >> >> SPAA due to, e.g., movement of the PaC, the PaC performs an IP >> >> address update procedure defined in Section 5.6 of [RFC5191] in order >> >> to update the SPAA with the PaC's new address obtained from the new >> >> serving network. PANA-Notification-Request (PNR) and PANA- >> >> Notification-Answer (PNA) messages with 'P' (Ping) bit set are used >> >> for this purpose. The completion of the IP address update procedure >> >> will change the pre-authorization SA to a post-authorization SA. In >> >> this case, the 'E' MUST NOT be set in the PNR and PNA messages and >> >> subsequent PANA messages. >> >> >> >> [Qin]It seems the IP address udpate procedure is a part of pre-authentication, >> >> without IP address udpate, Pre-authentication can not be regarded as completion. >> >> However before the IP address is updated, how to make PANA pre-authentication >> >> keep service continuity? >> > >> > According to RFC 5193, the PaC dynamically or statically configures an >> > IP address prior to running PANA. So we assume that the new IP >> > address is configured prior to completion of post-authorization with >> > CPAA. This is certainly possible if lower-layer security for the >> > target access network is bootstrapped using the MSK established by >> > PANA pre-authentication before obtaining the new IP address. >> [Qin] I am confused here. >> First, Why the target access network needs to be bootstrapped? I only heard about Bootstapping for the Mobile terminal. > > I meant bootstrapping the mobile terminal for the target access network. [Qin] okay, I see. >> Second, Since the pre-authoration SA is identified with the old IP address, When the Mobile moves the the target access network and has not obtained the new IP address, the old IP address will not be available, it means the pre-authorization SA is invalid. the PANA session will be interrupted for a while during the handover. In this situation, the PANA pre-authentication should depend on the layer 2 security before the pre-authorization SA becomes the post-authorization SA. When and How is the layer 2 security established? >> Before the mobile moves to the target network, whether the layer 2 connection should be maintained? > > Please see my first comment above how the PANA session is supposed to stay during handover. > For enabling L2 ciphering before the pre-authorization SA becomes > post-authorization SA, I am assuming use of pana-pemk > (http://tools.ietf.org/html/draft-ohba-pana-pemk-02). If this > mechanism is not available, then the target access network would have > to either allow IP address acquisition before L2 ciphering is enabled > or provide no L2 ciphering. [Qin] As I replied for your first comments, I can not see. As regarding L2 ciphering enabling, What i understand here is not a L2 connection maintenance but a key distribution. What's more, in some scenarios, the PAC can not establish L2 connection with Candidate PAA before Pac moves to the candidate PAA. based on this, it seems only dual radio case can work for PANA pre-authentication, i.e., the Pac not only attach to the old link but also attach to the new link before the Pac moves to the new PAA. >> >> >> >> If there is another CPAA with which the PaC has a pre-authorization >> >> SA and the PaC wants to keep the pre-authorization SA after the >> >> change of SPAA, the PaC also performs an IP address update procedure >> >> [Qin] Do you mean PANA pre-authentication can work for dual radio case or something else? >> > >> > PANA pre-authentication can work with single and dual radios (but >> > effectiveness for dual radio case may not be so large). >> [Qin] I have to point out one thing here, >> Dual radios case means the mobile attachs to the old link and the new link simutaneously. Since the PANA pre-authentication support dual radio case, it means not only L3 connection (PANA session) but also L2 connection exist between the peer and the candidate authentication before the mobile moves to the target network, do they? > > Yes. >> >> >> >> defined in Section 5.6 of [RFC5191] in order to update the CPAA with >> >> the PaC's new address. PNR and PNA messages with 'P' (Ping) bit set >> >> is used for this purpose. In this case, the 'E' (prE-authentication) >> >> bit MUST be set in the PNR and PNA messages and subsequent PANA >> >> messages. The IP address update procedure with the CPAA will not >> >> change the pre-authorization SA to a post-authorization SA. >> >> >> >> [Qin] At the first time when the PaC establish SA with one CPAA, the IP address update procedure >> >> with this CPAA can change the pre-authentication SA to a post-authroziation SA? However,At the second time when the Pac establish SA with another CPAA, why the IP adress update procedure with this CPAA can not change the pre-authorization to a post authorization SA? >> > >> > It depends on 'E' bit settings. If the IP address changes but with >> > 'E' bit set, >> [Qin]It is a typo here? what you want to said here is "If the IP address changes but without 'E' bit set" > > This not a typo. If 'E' bit is set for an established PANA session > with a pre-authorization SA, then it means that the pre-authorization > SA is kept as it is without migrating to post-authorization SA. > >> >then migration from pre-authentication SA to >> > post-authentication SA will not occur. On the other hand, the CPAA >> > should allow migration from pre-authentication SA to >> > post-authentication SA only from an interface that serves for its >> > access network to avoid undesired upgrading to post-authentication SA >> > by a remote node. We can add some text on it. >> [Qin] It will be better. > > OK. > >> My understanding is only when the candidate network is a target network, the pre-authorization SA can become post-ahorization SA. > > Yes. > >> Upon one of candidate network becomes the target network, the other candidate network can not be viewed as the target network. also the pre-authoriation SA can not be allowed to become post-authorizaiton SA, it that right? > > That's right. > >> >> >> >> >> >> >> The pre-authorization SA and the corresponding PANA session between >> >> the PaC and a CPAA is deleted by entering the termination phase of >> >> the PANA protocol. >> >> >> >> Example call flows for PaC-initiated pre-authentication and PAA- >> >> initiated pre-authentication are shown in Figure 1 and Figure 2, >> >> respectively. >> >> [Qin]In the example call flows, which steps are used to generate keying materials? >> >> which step is used to establish the SA? >> >> How many roundtrips exchange it takes to perform pre-authentication between PaC and CPAA? how long it takes to complete >> >> a full pre-authentication? what's the handover performance improvement in constrast with EAP pre-authentication? >> > >> > Keying material is established with CPAA in the last PAR/PAN exchange >> > with 'C' bit set, in the same way as RFC 5191. >> Message exchanges >> > between PaC and CPAA for pre-authentication are the same as RFC 5191, >> > the number of roundtrips depend on the EAP method, >> [Qin] what i concern here is in Figure 1: PaC-initiated Pre-authentication Call Flow, there are four piece of message changes before Pre-authroziation, after that, there are two piece of message changes to establish keying materials, It seems you indicate one EAP method is used here. So I suggest to add some text to clarify it. Thanks. > > Sure, we can add some text that EAP authentication is performed over > the PAR-PAN exchanges. [Qin] Good. >> in the same way as >> > RFC 5191. The only difference is additional 'E' bit is used in PANA >> > pre-auth. >> >I don't understand the last question since PANA >> > pre-authentication is an EAP pre-authentication. >> [Qin] Yeah, the pana is just a protocol to carry EAP message. Thank for your correcting me. >> >> >> >> 5. Authorization and Accounting Considerations >> >> >> >> A pre-authorization and a post-authorization for the PaC may have >> >> different authorization policies. For example, the pre-authorization >> >> policy may not allow the PaC to sent or receive packets through an >> >> Enforcement Point (EP) that is under control of the CPAA, while both >> >> the pre-authorization and post-authorization policies may allow >> >> installing credentials to the EP, where the credentials are used for >> >> establishing a security association for per-packet cryptographic >> >> filtering. >> >> >> >> In an access network where accounting is performed, accounting starts >> >> when the pre-authorization SA becomes the post-authorization SA by >> >> default. >> >> [Qin] What's the main difference between pre-authorization SA and post-authorization SA? >> >> Only IP address that distinguish these two SA? >> > >> > We distinguish the two SA based on the 'E' bit settings. It may be >> > possible to use IP address solely to distinguish the two SAs, e.g., >> > PANA message from IP address that do not belong to the realm of the >> > PAA could be associated with a pre-authorization SA. However, I would >> > not recommend that scheme because it will be vulnerable to IP address >> > spoofing. IMO, it's securer to use proteced indication based on 'E' >> > bit (note that 'E' bit is protected in the last PAR/PAN exchange). >> [Qin] I want to point out whether or not use IP address to distinguish the two SA, each SA should include IP address. >> Also I don't think use on bit of 'E' is more secure than use one IP address. > > I believe 'E' bit is more secure than IP address because 'E' bit is > protected once PANA SA is established while IP address is not protected. [Qin] What i undestand SA is setup in the Pac and PAA and Each SA will at least contain SPI, src IP address, dst IP address. what you understand 'E' bit will be encrypted during the 'E'bit is carried in the PANA message, am i right? So I guess we talk about the different thing. > Regards, > Yoshihiro Ohba > > >> > Thanks, >> > Yoshihiro Ohba >> _______________________________________________ >> Pana mailing list >> Pana@ietf.org >> https://www.ietf.org/mailman/listinfo/pana >> _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From julie.baigent@airsouthwest.com Thu Jan 8 08:02:13 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 788A13A6AEB for ; Thu, 8 Jan 2009 08:02:13 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -25.395 X-Spam-Level: X-Spam-Status: No, score=-25.395 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_EXTRA_CLOSE=2.809, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, IP_NOT_FRIENDLY=0.334, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y1qechjvsxaG for ; Thu, 8 Jan 2009 08:02:12 -0800 (PST) Received: from almaden.ibm.com (unknown [69.79.51.39]) by core3.amsl.com (Postfix) with SMTP id 228D33A68E0 for ; Thu, 8 Jan 2009 08:02:10 -0800 (PST) To: Subject: Returned mail: User unknown From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090108160211.228D33A68E0@core3.amsl.com> Date: Thu, 8 Jan 2009 08:02:10 -0800 (PST) About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

C2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 From pana-bounces@ietf.org Thu Jan 8 11:52:26 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D238E3A67B6; Thu, 8 Jan 2009 11:52:26 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A14433A67B6 for ; Thu, 8 Jan 2009 11:52:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.424 X-Spam-Level: X-Spam-Status: No, score=-6.424 tagged_above=-999 required=5 tests=[AWL=0.175, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pwjk6DBSowyK for ; Thu, 8 Jan 2009 11:52:25 -0800 (PST) Received: from mgw-mx03.nokia.com (smtp.nokia.com [192.100.122.230]) by core3.amsl.com (Postfix) with ESMTP id AD8AD3A657C for ; Thu, 8 Jan 2009 11:52:24 -0800 (PST) Received: from esebh106.NOE.Nokia.com (esebh106.ntc.nokia.com [172.21.138.213]) by mgw-mx03.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id n08Jq6sp004997 for ; Thu, 8 Jan 2009 21:52:09 +0200 Received: from vaebh102.NOE.Nokia.com ([10.160.244.23]) by esebh106.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 8 Jan 2009 21:52:07 +0200 Received: from vaebe112.NOE.Nokia.com ([10.160.244.81]) by vaebh102.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 8 Jan 2009 21:52:03 +0200 Received: from 172.19.60.193 ([172.19.60.193]) by vaebe112.NOE.Nokia.com ([10.160.244.81]) with Microsoft Exchange Server HTTP-DAV ; Thu, 8 Jan 2009 19:52:03 +0000 User-Agent: Microsoft-Entourage/12.15.0.081119 Date: Thu, 08 Jan 2009 13:52:12 -0600 From: Basavaraj Patil To: Message-ID: Thread-Topic: WG LC: Pre-authentication Support for PANA Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQ== Mime-version: 1.0 X-OriginalArrivalTime: 08 Jan 2009 19:52:03.0487 (UTC) FILETIME=[93DD82F0:01C971CA] X-Nokia-AV: Clean Subject: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hello, This is a WG last call for I-D: Pre-authentication Support for PANA . The last call will end on January 22nd, 09. Please send your comments to the mailing list prior to the deadline. -Chairs _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Thu Jan 8 15:18:07 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 650563A68B5; Thu, 8 Jan 2009 15:18:07 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 581C43A68B5 for ; Thu, 8 Jan 2009 15:18:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.996 X-Spam-Level: X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[AWL=0.604, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mp+AH9fEzpHx for ; Thu, 8 Jan 2009 15:18:05 -0800 (PST) Received: from smtpauth19.prod.mesa1.secureserver.net (smtpauth19.prod.mesa1.secureserver.net [64.202.165.30]) by core3.amsl.com (Postfix) with SMTP id 8CF703A67A3 for ; Thu, 8 Jan 2009 15:18:05 -0800 (PST) Received: (qmail 18769 invoked from network); 8 Jan 2009 23:17:51 -0000 Received: from unknown (67.160.38.190) by smtpauth19.prod.mesa1.secureserver.net (64.202.165.30) with ESMTP; 08 Jan 2009 23:17:49 -0000 From: "Glen Zorn" To: "'Basavaraj Patil'" References: In-Reply-To: Date: Thu, 8 Jan 2009 15:17:05 -0800 Organization: Network Zen Message-ID: <015101c971e7$38bc5320$aa34f960$@net> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQAHDqiQ Content-Language: en-us Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org This is interesting. I was under the impression that the draft in question was under active discussion on this list, but the issuance of last call implies that the document is technically complete & non-controversial. > -----Original Message----- > From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf Of > Basavaraj Patil > Sent: Thursday, January 08, 2009 11:52 AM > To: pana@ietf.org > Subject: [Pana] WG LC: Pre-authentication Support for PANA > > > > Hello, > > This is a WG last call for I-D: Pre-authentication Support for PANA > . > > The last call will end on January 22nd, 09. Please send your comments > to the mailing list prior to the deadline. > > -Chairs > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From merysollopez@almaceneslaganga.com Fri Jan 9 06:07:57 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CA2663A67CF for ; Fri, 9 Jan 2009 06:07:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -32.111 X-Spam-Level: X-Spam-Status: No, score=-32.111 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WN4OVRmmA2QS for ; Fri, 9 Jan 2009 06:07:56 -0800 (PST) Received: from 87-126-102-103.btc-net.bg (87-126-102-103.btc-net.bg [87.126.102.103]) by core3.amsl.com (Postfix) with SMTP id 66FC43A68FF for ; Fri, 9 Jan 2009 06:07:53 -0800 (PST) To: Subject: Re: Order status 01547 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090109140754.66FC43A68FF@core3.amsl.com> Date: Fri, 9 Jan 2009 06:07:53 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 67200
From pana-bounces@ietf.org Fri Jan 9 09:32:55 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E108228C127; Fri, 9 Jan 2009 09:32:55 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6B28728C127 for ; Fri, 9 Jan 2009 09:32:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.53 X-Spam-Level: X-Spam-Status: No, score=-2.53 tagged_above=-999 required=5 tests=[AWL=0.069, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aboxLkBKEdcC for ; Fri, 9 Jan 2009 09:32:53 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 784BB3A6835 for ; Fri, 9 Jan 2009 09:32:53 -0800 (PST) Received: from steelhead.localdomain (ns.tari.toshiba.com [172.30.24.10]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n09HTmvN076265; Fri, 9 Jan 2009 12:30:13 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LLJvd-00053Q-LH; Fri, 09 Jan 2009 11:09:45 -0500 Date: Fri, 9 Jan 2009 11:09:40 -0500 From: Yoshihiro Ohba To: Qin Wu Message-ID: <20090109160940.GA10401@steelhead.localdomain> References: <20081025144337.GA20427@steelhead.localdomain> <00c701c96338$7120c060$ff5afea9@D50B3A3B0629485> <20081222203954.GC7742@steelhead.localdomain> <000f01c964ad$ba33b340$1c0ca40a@china.huawei.com> <20090106202546.GK31353@steelhead.localdomain> <01dd01c97173$491ee8f0$1c0ca40a@china.huawei.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <01dd01c97173$491ee8f0$1c0ca40a@china.huawei.com> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: Basavaraj Patil , pana@ietf.org Subject: Re: [Pana] I-D: draft-ietf-pana-preauth X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Qin, On Thu, Jan 08, 2009 at 05:27:11PM +0800, Qin Wu wrote: (snip) > [Qin] From the defintion of pana session in section 2 of RFC5191, the termination event usually happen in case of failure or authentication exception. I can not see any mechanism to keep session continuity. > I wonder whether PANA session need to support mobility? What's the relationship between PANA session and mobile IP session? Mobility aspect is considered in Section 5.6 of RFC 5191, and there is no need for a home address that does not change in order to maintain the IP address change for PANA session. This is because PANA does not carry any application traffic unlike Mobile IP. > > > > What I meant is, there are two pre-authentication sceanarios (i.e., > > direct pre-auth and indirect pre-auth) and PANA pre-auth is defined as > > one solution for direct pre-auth. The draft-ietf-hokey-preauth-ps I-D > > does not mention which pre-authentication scenario is better. > [Qin] Correct. Actually what i concern here is in the model(Peer-CA-AAA)model, more threats will be introduced for layer 3 authentication without association with the CA. Can you elaborate on new threats you consider? > > > > Please see my first comment above how the PANA session is supposed to stay during handover. > > For enabling L2 ciphering before the pre-authorization SA becomes > > post-authorization SA, I am assuming use of pana-pemk > > (http://tools.ietf.org/html/draft-ohba-pana-pemk-02). If this > > mechanism is not available, then the target access network would have > > to either allow IP address acquisition before L2 ciphering is enabled > > or provide no L2 ciphering. > [Qin] As I replied for your first comments, I can not see. Please see my response above for why home address is not needed to maintain the PANA session across IP address changes. > As regarding L2 ciphering enabling, What i understand here is not a L2 connection maintenance but a key distribution. > What's more, in some scenarios, the PAC can not establish L2 connection with Candidate PAA before Pac moves to the candidate PAA. > based on this, it seems only dual radio case can work for PANA pre-authentication, i.e., the Pac not only attach to the old link but also attach to the new link before the Pac moves to the new PAA. There is no need to establish L2 connection in the candidate network before the PaC moves to the candidate PAA. > >> [Qin] I want to point out whether or not use IP address to distinguish the two SA, each SA should include IP address. > >> Also I don't think use on bit of 'E' is more secure than use one IP address. > > > > I believe 'E' bit is more secure than IP address because 'E' bit is > > protected once PANA SA is established while IP address is not protected. > [Qin] What i undestand SA is setup in the Pac and PAA and Each SA will at least contain SPI, src IP address, dst IP address. > what you understand 'E' bit will be encrypted during the 'E'bit is carried in the PANA message, am i right? > So I guess we talk about the different thing. 'E' bit is integrity protected, not encrypted. We don't use the term SPI for PANA. Details on PANA SA is described in Section 5.3 of RFC 5191. Thanks, Yoshihiro Ohba _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From morton@acmebrick.com Fri Jan 9 18:05:44 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 494893A6930 for ; Fri, 9 Jan 2009 18:05:44 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -23.647 X-Spam-Level: X-Spam-Status: No, score=-23.647 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HELO_EQ_TELESP=1.245, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RECV_SPAM_DOMN02=1.666, SARE_UNI=0.591, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YWcoHCKZmazA for ; Fri, 9 Jan 2009 18:05:43 -0800 (PST) Received: from 201-92-64-159.dsl.telesp.net.br (201-92-64-159.dsl.telesp.net.br [201.92.64.159]) by core3.amsl.com (Postfix) with SMTP id 2D0923A63D3 for ; Fri, 9 Jan 2009 18:05:41 -0800 (PST) To: Subject: Your order 06435 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090110020542.2D0923A63D3@core3.amsl.com> Date: Fri, 9 Jan 2009 18:05:41 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 08076
From machadoo@ahrana.gov.br Sat Jan 10 05:07:31 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 231AF28C198 for ; Sat, 10 Jan 2009 05:07:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -29.391 X-Spam-Level: X-Spam-Status: No, score=-29.391 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_XBL=3.033, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T+waA3AM60Do for ; Sat, 10 Jan 2009 05:07:30 -0800 (PST) Received: from potts.plus.com (potts.plus.com [195.166.158.210]) by core3.amsl.com (Postfix) with SMTP id 62CBC28C0D9 for ; Sat, 10 Jan 2009 05:07:28 -0800 (PST) To: Subject: Re: Order status 45063 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090110130729.62CBC28C0D9@core3.amsl.com> Date: Sat, 10 Jan 2009 05:07:28 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 91231
From nistracion@alcer.info Sat Jan 10 10:24:56 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 240023A6A84 for ; Sat, 10 Jan 2009 10:24:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -46.202 X-Spam-Level: X-Spam-Status: No, score=-46.202 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_EQ_JP=1.244, HTML_IMAGE_ONLY_12=2.46, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4F4RT-JeISwa for ; Sat, 10 Jan 2009 10:24:55 -0800 (PST) Received: from adm.fukuoka-u.ac.jp (unknown [89.250.164.209]) by core3.amsl.com (Postfix) with SMTP id 84DC63A68C8 for ; Sat, 10 Jan 2009 10:24:52 -0800 (PST) To: Subject: Your order 51050 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090110182453.84DC63A68C8@core3.amsl.com> Date: Sat, 10 Jan 2009 10:24:52 -0800 (PST)

©2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 88268
From myers@acutecprecision.com Mon Jan 12 00:57:50 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1161528C2D7 for ; Mon, 12 Jan 2009 00:57:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.241 X-Spam-Level: X-Spam-Status: No, score=-14.241 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_IS_SMALL6=0.556, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4KBw1WYbeIP2 for ; Mon, 12 Jan 2009 00:57:49 -0800 (PST) Received: from aget.gr (unknown [78.128.4.242]) by core3.amsl.com (Postfix) with SMTP id 41E7528C2D0 for ; Mon, 12 Jan 2009 00:57:47 -0800 (PST) To: Subject: RE: Message 76821 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090112085748.41E7528C2D0@core3.amsl.com> Date: Mon, 12 Jan 2009 00:57:47 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 66024
From m.hayamazwai@amada.co.jp Mon Jan 12 02:16:51 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BC9C428C30D for ; Mon, 12 Jan 2009 02:16:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -26.204 X-Spam-Level: X-Spam-Status: No, score=-26.204 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t-CB7Hy1TSUl for ; Mon, 12 Jan 2009 02:16:51 -0800 (PST) Received: from advdigtech.com (unknown [81.213.125.151]) by core3.amsl.com (Postfix) with SMTP id DA84E28C305 for ; Mon, 12 Jan 2009 02:16:49 -0800 (PST) To: Subject: Your order 80489 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090112101649.DA84E28C305@core3.amsl.com> Date: Mon, 12 Jan 2009 02:16:49 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 74758
From creativeservices@matthau.com Mon Jan 12 07:06:42 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 03CCF3A69F0; Mon, 12 Jan 2009 07:06:42 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.737 X-Spam-Level: X-Spam-Status: No, score=-12.737 tagged_above=-999 required=5 tests=[BAYES_80=2, FH_RELAY_NODNS=1.451, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_DSL=1.129, HELO_MISMATCH_NET=0.611, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sqJidbAVYJGl; Mon, 12 Jan 2009 07:06:41 -0800 (PST) Received: from 190.75-108-69.dyn.dsl.cantv.net (unknown [190.75.108.69]) by core3.amsl.com (Postfix) with SMTP id E47643A6955; Mon, 12 Jan 2009 07:06:26 -0800 (PST) X-Originating-IP: 150.56.68.64 by smtp.190.75.108.69; Mon, 12 Jan 2009 11:00:14 -0300 Message-ID: Subject: Jaeger LeCoultre watch models from 2009! Date: Mon, 12 Jan 2009 09:06:14 -0500 From: "Kerry Jenkins" To: "Tony Wood" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Tony, Looking for a Breitling? How about getting two, one for you and one for your spouse? http://www.tallrole.com/ From ariella@fashiondirect.ca Mon Jan 12 23:55:39 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C93833A6936; Mon, 12 Jan 2009 23:55:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.233 X-Spam-Level: X-Spam-Status: No, score=-2.233 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yvnIFh6j+WGi; Mon, 12 Jan 2009 23:55:39 -0800 (PST) Received: from cable201-233-108-148.epm.net.co (cable201-233-108-148.epm.net.co [201.233.108.148]) by core3.amsl.com (Postfix) with SMTP id 37B163A67D1; Mon, 12 Jan 2009 23:55:23 -0800 (PST) X-Originating-IP: 104.32.0.218 by smtp.201.233.108.148; Tue, 13 Jan 2009 05:55:10 -0100 Message-ID: Subject: Vacheron Constantin better than you could imagine! Date: Tue, 13 Jan 2009 01:55:10 -0500 From: "Socorro Donovan" To: "Kristy Gilbert" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Kristy, Looking for a Gucci? How about getting two, one for you and one for your spouse? http://www.tallroll.com/ The best news is that in January (2009) you can buy two watches and get an extra 15% off your purchase! http://www.tallroll.com/ Our Gucci watches have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Gilbert From kathy_turner@agri-fab.com Tue Jan 13 01:07:12 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CFDBA3A68FC for ; Tue, 13 Jan 2009 01:07:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.442 X-Spam-Level: X-Spam-Status: No, score=-21.442 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_DYNAMIC=1.144, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id btZSOei9Wd1Q for ; Tue, 13 Jan 2009 01:07:12 -0800 (PST) Received: from host92-37-dynamic.7-79-r.retail.telecomitalia.it (host92-37-dynamic.7-79-r.retail.telecomitalia.it [79.7.37.92]) by core3.amsl.com (Postfix) with SMTP id 2ED1B3A677C for ; Tue, 13 Jan 2009 01:07:07 -0800 (PST) To: Subject: Re: Order status 40314 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090113090709.2ED1B3A677C@core3.amsl.com> Date: Tue, 13 Jan 2009 01:07:07 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 17881
From contracts@msp-asia.com Tue Jan 13 09:29:07 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4D8D428C127; Tue, 13 Jan 2009 09:29:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -38.451 X-Spam-Level: X-Spam-Status: No, score=-38.451 tagged_above=-999 required=5 tests=[AWL=-2.483, BAYES_80=2, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AjH-z+9srvi0; Tue, 13 Jan 2009 09:29:06 -0800 (PST) Received: from 187-41-124-91.pool.ukrtel.net (187-41-124-91.pool.ukrtel.net [91.124.41.187]) by core3.amsl.com (Postfix) with SMTP id BB5583A67D7; Tue, 13 Jan 2009 09:28:43 -0800 (PST) X-Originating-IP: 179.92.68.224 by smtp.91.124.41.187; Tue, 13 Jan 2009 20:28:30 +0400 Message-ID: Subject: Gucci cheaper than you could imagine! Date: Tue, 13 Jan 2009 11:28:30 -0500 From: "Amanda Barton" To: "Harriet Cornell" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Harriet, Looking for a Tag Heuer? How about getting two, one for you and one for your spouse? http://www.tallrole.com/ With top notch customer service and super warranty, we stand behind our watches. http://www.tallrole.com/ Our Tag Heuer watches have perfect weight and feel same as orginal. Sincerely, Mr Cornell From czb@cnpolice.sina.net Tue Jan 13 18:24:46 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 52C623A6A4A; Tue, 13 Jan 2009 18:24:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -19.301 X-Spam-Level: X-Spam-Status: No, score=-19.301 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DSL=1.129, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1upvBdNoJNLO; Tue, 13 Jan 2009 18:24:45 -0800 (PST) Received: from 212-237-20-190.adsl.terra.cl (212-237-20-190.adsl.terra.cl [190.20.237.212]) by core3.amsl.com (Postfix) with SMTP id 831923A6AA7; Tue, 13 Jan 2009 18:24:35 -0800 (PST) X-Originating-IP: 169.172.119.60 by smtp.190.20.237.212; Tue, 13 Jan 2009 20:20:22 -0500 Message-ID: Subject: Emporio Armani watch models from 2009! Date: Tue, 13 Jan 2009 20:24:22 -0500 From: "Alvaro Laird" To: "Reed Hatch" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Reed, Looking for a Chopard watch that no one can tell from the original? You're in luck, because we have the best copies http://www.tallrole.com/ We are offering wholesaler prices on all watches during the month of January 2009. http://www.tallrole.com/ Our Chopard watches have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Hatch From mail@alexandriametalfinishers.com Wed Jan 14 02:43:57 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DA7673A68BC for ; Wed, 14 Jan 2009 02:43:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.962 X-Spam-Level: X-Spam-Status: No, score=-10.962 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tFTyaZQyEoGK for ; Wed, 14 Jan 2009 02:43:55 -0800 (PST) Received: from alphatechconcepts.com (unknown [59.183.31.44]) by core3.amsl.com (Postfix) with SMTP id D03083A686C for ; Wed, 14 Jan 2009 02:43:53 -0800 (PST) To: Subject: Your order 95851 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090114104353.D03083A686C@core3.amsl.com> Date: Wed, 14 Jan 2009 02:43:53 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 17334
From graphics@screenmaster.net Wed Jan 14 06:20:39 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B42F23A69D3; Wed, 14 Jan 2009 06:20:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -88.174 X-Spam-Level: X-Spam-Status: No, score=-88.174 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uT--YMDVbNS0; Wed, 14 Jan 2009 06:20:39 -0800 (PST) Received: from tdev227-127.codetel.net.do (unknown [201.229.227.127]) by core3.amsl.com (Postfix) with SMTP id ED19928C1A4; Wed, 14 Jan 2009 06:20:08 -0800 (PST) X-Originating-IP: 144.0.8.144 by smtp.201.229.227.127; Wed, 14 Jan 2009 18:15:53 +0500 Message-ID: Subject: Vacheron Constantin cheaper than you could imagine! Date: Wed, 14 Jan 2009 08:19:53 -0500 From: "Mercedes Jewell" To: "Lance Rodrigues" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Lance, How about buying yourself a two Omega watches the same day? It's not impossible, mostly when you can get them for a couple hundred bucks http://kellycue.narod.ru Get two deeply discounted watches and take an extra 15% discount. http://kellycue.narod.ru Our Omega watches have perfect weight and feel same as orginal. Sincerely, Mr Rodrigues From pana-bounces@ietf.org Thu Jan 15 01:38:46 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D2593A688D; Thu, 15 Jan 2009 01:38:46 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 24CDC3A67E6 for ; Thu, 15 Jan 2009 01:38:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.888 X-Spam-Level: X-Spam-Status: No, score=-0.888 tagged_above=-999 required=5 tests=[AWL=0.262, BAYES_00=-2.599, MSGID_MULTIPLE_AT=1.449] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qt8CtMHB54nx for ; Thu, 15 Jan 2009 01:38:44 -0800 (PST) Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by core3.amsl.com (Postfix) with ESMTP id 2D1DE3A67A1 for ; Thu, 15 Jan 2009 01:38:44 -0800 (PST) Received: from LENOVO (dsl88-247-34762.ttnet.net.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis) id 0MKp8S-1LNOgD2xJ1-000SnH; Thu, 15 Jan 2009 04:38:29 -0500 From: "Alper Yegin" To: "'Basavaraj Patil'" , References: In-Reply-To: Date: Thu, 15 Jan 2009 11:38:20 +0200 Message-ID: <04b201c976f5$0367a900$0a36fb00$@yegin@yegin.org> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQ Content-Language: en-us X-Provags-ID: V01U2FsdGVkX18n5hQK+G2Oi2MW4NFa/uWCUCWtxNA+35eIWYM I4EWMGRhtlI5h94uPrVM40doy9/oVqU83JBdIWxUm2pNOafUJ8 9B+0wQQ8aCHSBTDZj3hjA== Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Here are my comments. - "The PCI message MUST be unicast." Not sure why we have such a constraint. Does using a non-unicast address break anything? If not, let's not be constraining the spec unnecessarily. Not that I see any use for this right away, but I don't see a reason to prohibit future possibilities unless we see a value in having such a constraint. - "Once the PaC and CPAA have agreed on performing pre-authentication using the 'S' (Start) and 'E' (prE-authentication) bits, the subsequent PANA messages exchanged between them MUST have the 'E' (prE-authentication) bit set." Not forever, right? We shall state "... MUST have the 'E' bit set until CPAA becomes SPAA of the PaC". - I didn't understand the utility of "Pre-authorization SA" and "Pre-authorization SA" distinction. There is only one PANA SA. It does not change when the PaC attaches to the target network. - In an access network where accounting is performed, accounting starts when the pre-authorization SA becomes the post-authorization SA by default. Depending on the pre-authorization policy, accounting may start immediately after the pre-authorization SA is established. This spec should not care when acct starts. - Since the mechanism described in this document is designed to work across multiple access networks, each EP in the serving network SHOULD be configured to allow PANA messages to be forwarded between a PaC and a CPAA only if the PaC has a post-authorization SA with the SPAA in order to avoid an unauthorized PaC to initiate pre- authentication. Not sure why we have to say anything like that. PANA pre-auth is just UDP. Unless the serving network "intends to block" pre-auth, it would not be preventing pre-auth. An EP should allow PANA messages from unauthorized only if they are destined to SPAA. So, it should not blindly allow PANA messages. They may not only allow pre-authentication (not that harmful), but they may even piggyback some data to punch a hole through EP. I guess this is what the spec intends to talk about, but it was not that clear to me from reading it. - The pre-authentication mechanism defined in this document does not have an issue on context binding in which link-layer independent context carried over pre-authentication signaling is bound to the link-layer specific context [I-D.ietf-hokey-preauth-ps], because the same EAP transport protocol (i.e., PANA) is used for normal authentication and pre-authentication in the candidate network. This does not even describe what the issue could be. I don't see a value in having this paragraph here. Editorial: - If the PaC is a mobile device and is capable of moving one access network to another while running its applications, s/moving one/moving from one - allow the PaC to sent or receive packets s/sent/send Thank you. Alper > -----Original Message----- > From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf Of > Basavaraj Patil > Sent: Thursday, January 08, 2009 9:52 PM > To: pana@ietf.org > Subject: [Pana] WG LC: Pre-authentication Support for PANA > > > > Hello, > > This is a WG last call for I-D: Pre-authentication Support for PANA > . > > The last call will end on January 22nd, 09. Please send your comments > to the mailing list prior to the deadline. > > -Chairs > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From mkp@anadolu.edu.tr Thu Jan 15 02:13:33 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 372FD3A68DB for ; Thu, 15 Jan 2009 02:13:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.694 X-Spam-Level: X-Spam-Status: No, score=-13.694 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_DYNAMIC_DHCP=1.398, HELO_EQ_DSL=1.129, HELO_EQ_HU=1.35, HOST_EQ_HU=1.245, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_3=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 69cHj91rgf87 for ; Thu, 15 Jan 2009 02:13:26 -0800 (PST) Received: from adsl-186-49.globonet.hu (adsl-186-49.globonet.hu [82.144.186.49]) by core3.amsl.com (Postfix) with SMTP id 5871C3A67E6 for ; Thu, 15 Jan 2009 02:13:22 -0800 (PST) To: Subject: RE: message 48412 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090115101324.5871C3A67E6@core3.amsl.com> Date: Thu, 15 Jan 2009 02:13:22 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

©2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 32741
From pana-bounces@ietf.org Thu Jan 15 12:05:27 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B7D1A3A69E8; Thu, 15 Jan 2009 12:05:27 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3C4AC3A68B6 for ; Thu, 15 Jan 2009 12:05:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.995 X-Spam-Level: X-Spam-Status: No, score=-1.995 tagged_above=-999 required=5 tests=[AWL=0.604, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u2NR14AOWuZl for ; Thu, 15 Jan 2009 12:05:25 -0800 (PST) Received: from smtpauth11.prod.mesa1.secureserver.net (smtpauth11.prod.mesa1.secureserver.net [64.202.165.33]) by core3.amsl.com (Postfix) with SMTP id 3F8603A6891 for ; Thu, 15 Jan 2009 12:05:25 -0800 (PST) Received: (qmail 28372 invoked from network); 15 Jan 2009 20:03:03 -0000 Received: from unknown (67.160.38.190) by smtpauth11.prod.mesa1.secureserver.net (64.202.165.33) with ESMTP; 15 Jan 2009 20:03:02 -0000 From: "Glen Zorn" To: "'Alper Yegin'" , "'Basavaraj Patil'" References: <04b201c976f5$0367a900$0a36fb00$@yegin@yegin.org> In-Reply-To: <04b201c976f5$0367a900$0a36fb00$@yegin@yegin.org> Date: Thu, 15 Jan 2009 12:02:25 -0800 Organization: Network Zen Message-ID: <004401c9774c$302794d0$9076be70$@net> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQABZ4/YA= Content-Language: en-us Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Second try: is it the opinion of the WG Chairs that there is firm consensus around this document? If so, may I ask what this determination is based upon, given the ongoing discussions on this list? > -----Original Message----- > From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf Of > Alper Yegin > Sent: Thursday, January 15, 2009 1:38 AM > To: 'Basavaraj Patil'; pana@ietf.org > Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA > > Here are my comments. > > > - "The PCI message MUST be unicast." > > Not sure why we have such a constraint. Does using a non-unicast > address > break anything? If not, let's not be constraining the spec > unnecessarily. > Not that I see any use for this right away, but I don't see a reason to > prohibit future possibilities unless we see a value in having such a > constraint. > > > - "Once the PaC and CPAA have agreed on performing pre-authentication > using the 'S' (Start) and 'E' (prE-authentication) bits, the > subsequent PANA messages exchanged between them MUST have the 'E' > (prE-authentication) bit set." > > Not forever, right? We shall state "... MUST have the 'E' bit set until > CPAA > becomes SPAA of the PaC". > > - I didn't understand the utility of "Pre-authorization SA" and > "Pre-authorization SA" distinction. There is only one PANA SA. It does > not > change when the PaC attaches to the target network. > > - In an access network where accounting is performed, accounting > starts > when the pre-authorization SA becomes the post-authorization SA by > default. Depending on the pre-authorization policy, accounting may > start immediately after the pre-authorization SA is established. > > > This spec should not care when acct starts. > > - Since the mechanism described in this document is designed to work > across multiple access networks, each EP in the serving network > SHOULD be configured to allow PANA messages to be forwarded between > a > PaC and a CPAA only if the PaC has a post-authorization SA with the > SPAA in order to avoid an unauthorized PaC to initiate pre- > authentication. > > Not sure why we have to say anything like that. PANA pre-auth is just > UDP. > Unless the serving network "intends to block" pre-auth, it would not be > preventing pre-auth. > > An EP should allow PANA messages from unauthorized only if they are > destined > to SPAA. > So, it should not blindly allow PANA messages. They may not only allow > pre-authentication (not that harmful), but they may even piggyback some > data > to punch a hole through EP. I guess this is what the spec intends to > talk > about, but it was not that clear to me from reading it. > > - The pre-authentication mechanism defined in this document does not > have an issue on context binding in which link-layer independent > context carried over pre-authentication signaling is bound to the > link-layer specific context [I-D.ietf-hokey-preauth-ps], because the > same EAP transport protocol (i.e., PANA) is used for normal > authentication and pre-authentication in the candidate network. > > > This does not even describe what the issue could be. I don't see a > value in > having this paragraph here. > > > Editorial: > > - If the PaC is a > mobile device and is capable of moving one access network to another > while running its applications, > > s/moving one/moving from one > > > - allow the PaC to sent or receive packets > > s/sent/send > > > Thank you. > > Alper > > > > > > > -----Original Message----- > > From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf > Of > > Basavaraj Patil > > Sent: Thursday, January 08, 2009 9:52 PM > > To: pana@ietf.org > > Subject: [Pana] WG LC: Pre-authentication Support for PANA > > > > > > > > Hello, > > > > This is a WG last call for I-D: Pre-authentication Support for PANA > > . > > > > The last call will end on January 22nd, 09. Please send your comments > > to the mailing list prior to the deadline. > > > > -Chairs > > > > _______________________________________________ > > Pana mailing list > > Pana@ietf.org > > https://www.ietf.org/mailman/listinfo/pana > > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Thu Jan 15 12:19:17 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3B8D73A69F6; Thu, 15 Jan 2009 12:19:17 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C98CD3A69F6 for ; Thu, 15 Jan 2009 12:19:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.499 X-Spam-Level: X-Spam-Status: No, score=-6.499 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MhBEddGAo576 for ; Thu, 15 Jan 2009 12:19:14 -0800 (PST) Received: from mgw-mx03.nokia.com (smtp.nokia.com [192.100.122.230]) by core3.amsl.com (Postfix) with ESMTP id 7DF783A69B0 for ; Thu, 15 Jan 2009 12:19:14 -0800 (PST) Received: from esebh105.NOE.Nokia.com (esebh105.ntc.nokia.com [172.21.138.211]) by mgw-mx03.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id n0FKIrqT023946; Thu, 15 Jan 2009 22:18:57 +0200 Received: from vaebh102.NOE.Nokia.com ([10.160.244.23]) by esebh105.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 15 Jan 2009 22:18:40 +0200 Received: from vaebe112.NOE.Nokia.com ([10.160.244.81]) by vaebh102.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 15 Jan 2009 22:18:39 +0200 Received: from 172.19.60.146 ([172.19.60.146]) by vaebe112.NOE.Nokia.com ([10.160.244.81]) with Microsoft Exchange Server HTTP-DAV ; Thu, 15 Jan 2009 20:18:39 +0000 User-Agent: Microsoft-Entourage/12.15.0.081119 Date: Thu, 15 Jan 2009 14:18:50 -0600 From: Basavaraj Patil To: ext Glen Zorn , Alper Yegin Message-ID: Thread-Topic: [Pana] WG LC: Pre-authentication Support for PANA Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQABZ4/YAAAN42UQ== In-Reply-To: <004401c9774c$302794d0$9076be70$@net> Mime-version: 1.0 X-OriginalArrivalTime: 15 Jan 2009 20:18:39.0938 (UTC) FILETIME=[7450DA20:01C9774E] X-Nokia-AV: Clean Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Glen, Firm consensus might be a stretch of terminology. The chairs believe that this document is useful in the context of PANA. This has been echoed by people in the room at previous IETF meetings. And hence the current WG LC to progress the document. -Raj On 1/15/09 2:02 PM, "ext Glen Zorn" wrote: > Second try: is it the opinion of the WG Chairs that there is firm consensus > around this document? If so, may I ask what this determination is based > upon, given the ongoing discussions on this list? > >> -----Original Message----- >> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf Of >> Alper Yegin >> Sent: Thursday, January 15, 2009 1:38 AM >> To: 'Basavaraj Patil'; pana@ietf.org >> Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA >> >> Here are my comments. >> >> >> - "The PCI message MUST be unicast." >> >> Not sure why we have such a constraint. Does using a non-unicast >> address >> break anything? If not, let's not be constraining the spec >> unnecessarily. >> Not that I see any use for this right away, but I don't see a reason to >> prohibit future possibilities unless we see a value in having such a >> constraint. >> >> >> - "Once the PaC and CPAA have agreed on performing pre-authentication >> using the 'S' (Start) and 'E' (prE-authentication) bits, the >> subsequent PANA messages exchanged between them MUST have the 'E' >> (prE-authentication) bit set." >> >> Not forever, right? We shall state "... MUST have the 'E' bit set until >> CPAA >> becomes SPAA of the PaC". >> >> - I didn't understand the utility of "Pre-authorization SA" and >> "Pre-authorization SA" distinction. There is only one PANA SA. It does >> not >> change when the PaC attaches to the target network. >> >> - In an access network where accounting is performed, accounting >> starts >> when the pre-authorization SA becomes the post-authorization SA by >> default. Depending on the pre-authorization policy, accounting may >> start immediately after the pre-authorization SA is established. >> >> >> This spec should not care when acct starts. >> >> - Since the mechanism described in this document is designed to work >> across multiple access networks, each EP in the serving network >> SHOULD be configured to allow PANA messages to be forwarded between >> a >> PaC and a CPAA only if the PaC has a post-authorization SA with the >> SPAA in order to avoid an unauthorized PaC to initiate pre- >> authentication. >> >> Not sure why we have to say anything like that. PANA pre-auth is just >> UDP. >> Unless the serving network "intends to block" pre-auth, it would not be >> preventing pre-auth. >> >> An EP should allow PANA messages from unauthorized only if they are >> destined >> to SPAA. >> So, it should not blindly allow PANA messages. They may not only allow >> pre-authentication (not that harmful), but they may even piggyback some >> data >> to punch a hole through EP. I guess this is what the spec intends to >> talk >> about, but it was not that clear to me from reading it. >> >> - The pre-authentication mechanism defined in this document does not >> have an issue on context binding in which link-layer independent >> context carried over pre-authentication signaling is bound to the >> link-layer specific context [I-D.ietf-hokey-preauth-ps], because the >> same EAP transport protocol (i.e., PANA) is used for normal >> authentication and pre-authentication in the candidate network. >> >> >> This does not even describe what the issue could be. I don't see a >> value in >> having this paragraph here. >> >> >> Editorial: >> >> - If the PaC is a >> mobile device and is capable of moving one access network to another >> while running its applications, >> >> s/moving one/moving from one >> >> >> - allow the PaC to sent or receive packets >> >> s/sent/send >> >> >> Thank you. >> >> Alper >> >> >> >> >> >>> -----Original Message----- >>> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf >> Of >>> Basavaraj Patil >>> Sent: Thursday, January 08, 2009 9:52 PM >>> To: pana@ietf.org >>> Subject: [Pana] WG LC: Pre-authentication Support for PANA >>> >>> >>> >>> Hello, >>> >>> This is a WG last call for I-D: Pre-authentication Support for PANA >>> . >>> >>> The last call will end on January 22nd, 09. Please send your comments >>> to the mailing list prior to the deadline. >>> >>> -Chairs >>> >>> _______________________________________________ >>> Pana mailing list >>> Pana@ietf.org >>> https://www.ietf.org/mailman/listinfo/pana >> >> >> _______________________________________________ >> Pana mailing list >> Pana@ietf.org >> https://www.ietf.org/mailman/listinfo/pana > > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Thu Jan 15 12:30:40 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 513353A69B0; Thu, 15 Jan 2009 12:30:40 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7582F3A6891 for ; Thu, 15 Jan 2009 12:30:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.116 X-Spam-Level: X-Spam-Status: No, score=-2.116 tagged_above=-999 required=5 tests=[AWL=0.483, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IOwC2DnV+ryT for ; Thu, 15 Jan 2009 12:30:38 -0800 (PST) Received: from smtpauth05.prod.mesa1.secureserver.net (smtpauth05.prod.mesa1.secureserver.net [64.202.165.99]) by core3.amsl.com (Postfix) with SMTP id 662993A69A9 for ; Thu, 15 Jan 2009 12:30:38 -0800 (PST) Received: (qmail 31336 invoked from network); 15 Jan 2009 20:29:13 -0000 Received: from unknown (67.160.38.190) by smtpauth05.prod.mesa1.secureserver.net (64.202.165.99) with ESMTP; 15 Jan 2009 20:29:11 -0000 From: "Glen Zorn" To: "'Basavaraj Patil'" , "'Alper Yegin'" References: <004401c9774c$302794d0$9076be70$@net> In-Reply-To: Date: Thu, 15 Jan 2009 12:28:34 -0800 Organization: Network Zen Message-ID: <004e01c9774f$d71ccb40$855661c0$@net> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQABZ4/YAAAN42UQAADikw Content-Language: en-us Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Basavaraj Patil [mailto:basavaraj.patil@nokia.com] writes: > Hi Glen, > > Firm consensus might be a stretch of terminology. > The chairs believe that this document is useful in the context of PANA. That would certainly be a good rationale for the document's adoption as WH item; however, my understanding is that LC normally signifies that the document is complete (unless you are planning to follow the recently popular method of issuing multiple "Last" Calls). > This has been echoed by people in the room at previous IETF meetings. > And > hence the current WG LC to progress the document. > > -Raj > > > On 1/15/09 2:02 PM, "ext Glen Zorn" wrote: > > > Second try: is it the opinion of the WG Chairs that there is firm > consensus > > around this document? If so, may I ask what this determination is > based > > upon, given the ongoing discussions on this list? > > > >> -----Original Message----- > >> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf > Of > >> Alper Yegin > >> Sent: Thursday, January 15, 2009 1:38 AM > >> To: 'Basavaraj Patil'; pana@ietf.org > >> Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA > >> > >> Here are my comments. > >> > >> > >> - "The PCI message MUST be unicast." > >> > >> Not sure why we have such a constraint. Does using a non-unicast > >> address > >> break anything? If not, let's not be constraining the spec > >> unnecessarily. > >> Not that I see any use for this right away, but I don't see a reason > to > >> prohibit future possibilities unless we see a value in having such a > >> constraint. > >> > >> > >> - "Once the PaC and CPAA have agreed on performing pre- > authentication > >> using the 'S' (Start) and 'E' (prE-authentication) bits, the > >> subsequent PANA messages exchanged between them MUST have the > 'E' > >> (prE-authentication) bit set." > >> > >> Not forever, right? We shall state "... MUST have the 'E' bit set > until > >> CPAA > >> becomes SPAA of the PaC". > >> > >> - I didn't understand the utility of "Pre-authorization SA" and > >> "Pre-authorization SA" distinction. There is only one PANA SA. It > does > >> not > >> change when the PaC attaches to the target network. > >> > >> - In an access network where accounting is performed, accounting > >> starts > >> when the pre-authorization SA becomes the post-authorization SA > by > >> default. Depending on the pre-authorization policy, accounting > may > >> start immediately after the pre-authorization SA is established. > >> > >> > >> This spec should not care when acct starts. > >> > >> - Since the mechanism described in this document is designed to > work > >> across multiple access networks, each EP in the serving network > >> SHOULD be configured to allow PANA messages to be forwarded > between > >> a > >> PaC and a CPAA only if the PaC has a post-authorization SA with > the > >> SPAA in order to avoid an unauthorized PaC to initiate pre- > >> authentication. > >> > >> Not sure why we have to say anything like that. PANA pre-auth is > just > >> UDP. > >> Unless the serving network "intends to block" pre-auth, it would not > be > >> preventing pre-auth. > >> > >> An EP should allow PANA messages from unauthorized only if they are > >> destined > >> to SPAA. > >> So, it should not blindly allow PANA messages. They may not only > allow > >> pre-authentication (not that harmful), but they may even piggyback > some > >> data > >> to punch a hole through EP. I guess this is what the spec intends to > >> talk > >> about, but it was not that clear to me from reading it. > >> > >> - The pre-authentication mechanism defined in this document does > not > >> have an issue on context binding in which link-layer independent > >> context carried over pre-authentication signaling is bound to the > >> link-layer specific context [I-D.ietf-hokey-preauth-ps], because > the > >> same EAP transport protocol (i.e., PANA) is used for normal > >> authentication and pre-authentication in the candidate network. > >> > >> > >> This does not even describe what the issue could be. I don't see a > >> value in > >> having this paragraph here. > >> > >> > >> Editorial: > >> > >> - If the PaC is a > >> mobile device and is capable of moving one access network to > another > >> while running its applications, > >> > >> s/moving one/moving from one > >> > >> > >> - allow the PaC to sent or receive packets > >> > >> s/sent/send > >> > >> > >> Thank you. > >> > >> Alper > >> > >> > >> > >> > >> > >>> -----Original Message----- > >>> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On > Behalf > >> Of > >>> Basavaraj Patil > >>> Sent: Thursday, January 08, 2009 9:52 PM > >>> To: pana@ietf.org > >>> Subject: [Pana] WG LC: Pre-authentication Support for PANA > >>> > >>> > >>> > >>> Hello, > >>> > >>> This is a WG last call for I-D: Pre-authentication Support for PANA > >>> . > >>> > >>> The last call will end on January 22nd, 09. Please send your > comments > >>> to the mailing list prior to the deadline. > >>> > >>> -Chairs > >>> > >>> _______________________________________________ > >>> Pana mailing list > >>> Pana@ietf.org > >>> https://www.ietf.org/mailman/listinfo/pana > >> > >> > >> _______________________________________________ > >> Pana mailing list > >> Pana@ietf.org > >> https://www.ietf.org/mailman/listinfo/pana > > > > > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Thu Jan 15 12:35:03 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A0D7B3A6842; Thu, 15 Jan 2009 12:35:03 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2802B3A67AB for ; Thu, 15 Jan 2009 12:35:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.512 X-Spam-Level: X-Spam-Status: No, score=-6.512 tagged_above=-999 required=5 tests=[AWL=0.087, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ocFGfA52RTYz for ; Thu, 15 Jan 2009 12:35:01 -0800 (PST) Received: from mgw-mx09.nokia.com (smtp.nokia.com [192.100.105.134]) by core3.amsl.com (Postfix) with ESMTP id 15FFE3A68B6 for ; Thu, 15 Jan 2009 12:35:01 -0800 (PST) Received: from esebh105.NOE.Nokia.com (esebh105.ntc.nokia.com [172.21.138.211]) by mgw-mx09.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id n0FKY5o1009561; Thu, 15 Jan 2009 14:34:43 -0600 Received: from vaebh104.NOE.Nokia.com ([10.160.244.30]) by esebh105.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 15 Jan 2009 22:34:41 +0200 Received: from vaebe112.NOE.Nokia.com ([10.160.244.81]) by vaebh104.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 15 Jan 2009 22:34:42 +0200 Received: from 172.19.60.146 ([172.19.60.146]) by vaebe112.NOE.Nokia.com ([10.160.244.81]) with Microsoft Exchange Server HTTP-DAV ; Thu, 15 Jan 2009 20:34:41 +0000 User-Agent: Microsoft-Entourage/12.15.0.081119 Date: Thu, 15 Jan 2009 14:34:52 -0600 From: Basavaraj Patil To: ext Glen Zorn , Alper Yegin Message-ID: Thread-Topic: [Pana] WG LC: Pre-authentication Support for PANA Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQABZ4/YAAAN42UQAADikwAACBMNE= In-Reply-To: <004e01c9774f$d71ccb40$855661c0$@net> Mime-version: 1.0 X-OriginalArrivalTime: 15 Jan 2009 20:34:42.0048 (UTC) FILETIME=[B1C73000:01C97750] X-Nokia-AV: Clean Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org On 1/15/09 2:28 PM, "ext Glen Zorn" wrote: > Basavaraj Patil [mailto:basavaraj.patil@nokia.com] writes: > >> Hi Glen, >> >> Firm consensus might be a stretch of terminology. >> The chairs believe that this document is useful in the context of PANA. > > That would certainly be a good rationale for the document's adoption as WH > item; however, my understanding is that LC normally signifies that the > document is complete (unless you are planning to follow the recently popular > method of issuing multiple "Last" Calls). Don't plan on issuing multiple last calls... So AFAICT this document is viewed as being complete. Are there opinions that would contradict that view? What specifically is considered as being incomplete that would impede the LC process? > >> This has been echoed by people in the room at previous IETF meetings. >> And >> hence the current WG LC to progress the document. >> >> -Raj >> >> >> On 1/15/09 2:02 PM, "ext Glen Zorn" wrote: >> >>> Second try: is it the opinion of the WG Chairs that there is firm >> consensus >>> around this document? If so, may I ask what this determination is >> based >>> upon, given the ongoing discussions on this list? >>> >>>> -----Original Message----- >>>> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf >> Of >>>> Alper Yegin >>>> Sent: Thursday, January 15, 2009 1:38 AM >>>> To: 'Basavaraj Patil'; pana@ietf.org >>>> Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA >>>> >>>> Here are my comments. >>>> >>>> >>>> - "The PCI message MUST be unicast." >>>> >>>> Not sure why we have such a constraint. Does using a non-unicast >>>> address >>>> break anything? If not, let's not be constraining the spec >>>> unnecessarily. >>>> Not that I see any use for this right away, but I don't see a reason >> to >>>> prohibit future possibilities unless we see a value in having such a >>>> constraint. >>>> >>>> >>>> - "Once the PaC and CPAA have agreed on performing pre- >> authentication >>>> using the 'S' (Start) and 'E' (prE-authentication) bits, the >>>> subsequent PANA messages exchanged between them MUST have the >> 'E' >>>> (prE-authentication) bit set." >>>> >>>> Not forever, right? We shall state "... MUST have the 'E' bit set >> until >>>> CPAA >>>> becomes SPAA of the PaC". >>>> >>>> - I didn't understand the utility of "Pre-authorization SA" and >>>> "Pre-authorization SA" distinction. There is only one PANA SA. It >> does >>>> not >>>> change when the PaC attaches to the target network. >>>> >>>> - In an access network where accounting is performed, accounting >>>> starts >>>> when the pre-authorization SA becomes the post-authorization SA >> by >>>> default. Depending on the pre-authorization policy, accounting >> may >>>> start immediately after the pre-authorization SA is established. >>>> >>>> >>>> This spec should not care when acct starts. >>>> >>>> - Since the mechanism described in this document is designed to >> work >>>> across multiple access networks, each EP in the serving network >>>> SHOULD be configured to allow PANA messages to be forwarded >> between >>>> a >>>> PaC and a CPAA only if the PaC has a post-authorization SA with >> the >>>> SPAA in order to avoid an unauthorized PaC to initiate pre- >>>> authentication. >>>> >>>> Not sure why we have to say anything like that. PANA pre-auth is >> just >>>> UDP. >>>> Unless the serving network "intends to block" pre-auth, it would not >> be >>>> preventing pre-auth. >>>> >>>> An EP should allow PANA messages from unauthorized only if they are >>>> destined >>>> to SPAA. >>>> So, it should not blindly allow PANA messages. They may not only >> allow >>>> pre-authentication (not that harmful), but they may even piggyback >> some >>>> data >>>> to punch a hole through EP. I guess this is what the spec intends to >>>> talk >>>> about, but it was not that clear to me from reading it. >>>> >>>> - The pre-authentication mechanism defined in this document does >> not >>>> have an issue on context binding in which link-layer independent >>>> context carried over pre-authentication signaling is bound to the >>>> link-layer specific context [I-D.ietf-hokey-preauth-ps], because >> the >>>> same EAP transport protocol (i.e., PANA) is used for normal >>>> authentication and pre-authentication in the candidate network. >>>> >>>> >>>> This does not even describe what the issue could be. I don't see a >>>> value in >>>> having this paragraph here. >>>> >>>> >>>> Editorial: >>>> >>>> - If the PaC is a >>>> mobile device and is capable of moving one access network to >> another >>>> while running its applications, >>>> >>>> s/moving one/moving from one >>>> >>>> >>>> - allow the PaC to sent or receive packets >>>> >>>> s/sent/send >>>> >>>> >>>> Thank you. >>>> >>>> Alper >>>> >>>> >>>> >>>> >>>> >>>>> -----Original Message----- >>>>> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On >> Behalf >>>> Of >>>>> Basavaraj Patil >>>>> Sent: Thursday, January 08, 2009 9:52 PM >>>>> To: pana@ietf.org >>>>> Subject: [Pana] WG LC: Pre-authentication Support for PANA >>>>> >>>>> >>>>> >>>>> Hello, >>>>> >>>>> This is a WG last call for I-D: Pre-authentication Support for PANA >>>>> . >>>>> >>>>> The last call will end on January 22nd, 09. Please send your >> comments >>>>> to the mailing list prior to the deadline. >>>>> >>>>> -Chairs >>>>> >>>>> _______________________________________________ >>>>> Pana mailing list >>>>> Pana@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/pana >>>> >>>> >>>> _______________________________________________ >>>> Pana mailing list >>>> Pana@ietf.org >>>> https://www.ietf.org/mailman/listinfo/pana >>> >>> >> > > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Thu Jan 15 14:33:55 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 31FE53A6918; Thu, 15 Jan 2009 14:33:55 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B20A3A68F2 for ; Thu, 15 Jan 2009 14:33:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.197 X-Spam-Level: X-Spam-Status: No, score=-2.197 tagged_above=-999 required=5 tests=[AWL=0.402, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mNldAXFxcLa7 for ; Thu, 15 Jan 2009 14:33:53 -0800 (PST) Received: from smtpauth14.prod.mesa1.secureserver.net (smtpauth14.prod.mesa1.secureserver.net [64.202.165.39]) by core3.amsl.com (Postfix) with SMTP id E88EA3A6830 for ; Thu, 15 Jan 2009 14:33:52 -0800 (PST) Received: (qmail 30681 invoked from network); 15 Jan 2009 22:33:36 -0000 Received: from unknown (67.160.38.190) by smtpauth14.prod.mesa1.secureserver.net (64.202.165.39) with ESMTP; 15 Jan 2009 22:33:35 -0000 From: "Glen Zorn" To: "'Basavaraj Patil'" , "'Alper Yegin'" References: <004e01c9774f$d71ccb40$855661c0$@net> In-Reply-To: Date: Thu, 15 Jan 2009 14:32:57 -0800 Organization: Network Zen Message-ID: <005c01c97761$37bf5970$a73e0c50$@net> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQABZ4/YAAAN42UQAADikwAACBMNEAA5ukAA== Content-Language: en-us Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Basavaraj Patil [mailto:basavaraj.patil@nokia.com] writes: > On 1/15/09 2:28 PM, "ext Glen Zorn" wrote: > > > Basavaraj Patil [mailto:basavaraj.patil@nokia.com] writes: > > > >> Hi Glen, > >> > >> Firm consensus might be a stretch of terminology. > >> The chairs believe that this document is useful in the context of > PANA. > > > > That would certainly be a good rationale for the document's adoption > as WH > > item; however, my understanding is that LC normally signifies that > the > > document is complete (unless you are planning to follow the recently > popular > > method of issuing multiple "Last" Calls). > > Don't plan on issuing multiple last calls... > So AFAICT this document is viewed as being complete. Are there opinions > that > would contradict that view? As I've mentioned several times, I believe that this draft is the subject of ongoing discussion, that last pair of messages of which were posted just before and _after_ you issued last call. Perhaps you were unaware (although you were copied directly on both messages) of the debate? Do you consider the discussion to be irrelevant? It just seems rather irregular to me. > What specifically is considered as being > incomplete that would impede the LC process? > > > > >> This has been echoed by people in the room at previous IETF > meetings. > >> And > >> hence the current WG LC to progress the document. > >> > >> -Raj > >> > >> > >> On 1/15/09 2:02 PM, "ext Glen Zorn" wrote: > >> > >>> Second try: is it the opinion of the WG Chairs that there is firm > >> consensus > >>> around this document? If so, may I ask what this determination is > >> based > >>> upon, given the ongoing discussions on this list? > >>> > >>>> -----Original Message----- > >>>> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On > Behalf > >> Of > >>>> Alper Yegin > >>>> Sent: Thursday, January 15, 2009 1:38 AM > >>>> To: 'Basavaraj Patil'; pana@ietf.org > >>>> Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA > >>>> > >>>> Here are my comments. > >>>> > >>>> > >>>> - "The PCI message MUST be unicast." > >>>> > >>>> Not sure why we have such a constraint. Does using a non-unicast > >>>> address > >>>> break anything? If not, let's not be constraining the spec > >>>> unnecessarily. > >>>> Not that I see any use for this right away, but I don't see a > reason > >> to > >>>> prohibit future possibilities unless we see a value in having such > a > >>>> constraint. > >>>> > >>>> > >>>> - "Once the PaC and CPAA have agreed on performing pre- > >> authentication > >>>> using the 'S' (Start) and 'E' (prE-authentication) bits, the > >>>> subsequent PANA messages exchanged between them MUST have > the > >> 'E' > >>>> (prE-authentication) bit set." > >>>> > >>>> Not forever, right? We shall state "... MUST have the 'E' bit set > >> until > >>>> CPAA > >>>> becomes SPAA of the PaC". > >>>> > >>>> - I didn't understand the utility of "Pre-authorization SA" and > >>>> "Pre-authorization SA" distinction. There is only one PANA SA. It > >> does > >>>> not > >>>> change when the PaC attaches to the target network. > >>>> > >>>> - In an access network where accounting is performed, accounting > >>>> starts > >>>> when the pre-authorization SA becomes the post-authorization SA > >> by > >>>> default. Depending on the pre-authorization policy, accounting > >> may > >>>> start immediately after the pre-authorization SA is > established. > >>>> > >>>> > >>>> This spec should not care when acct starts. > >>>> > >>>> - Since the mechanism described in this document is designed to > >> work > >>>> across multiple access networks, each EP in the serving network > >>>> SHOULD be configured to allow PANA messages to be forwarded > >> between > >>>> a > >>>> PaC and a CPAA only if the PaC has a post-authorization SA with > >> the > >>>> SPAA in order to avoid an unauthorized PaC to initiate pre- > >>>> authentication. > >>>> > >>>> Not sure why we have to say anything like that. PANA pre-auth is > >> just > >>>> UDP. > >>>> Unless the serving network "intends to block" pre-auth, it would > not > >> be > >>>> preventing pre-auth. > >>>> > >>>> An EP should allow PANA messages from unauthorized only if they > are > >>>> destined > >>>> to SPAA. > >>>> So, it should not blindly allow PANA messages. They may not only > >> allow > >>>> pre-authentication (not that harmful), but they may even piggyback > >> some > >>>> data > >>>> to punch a hole through EP. I guess this is what the spec intends > to > >>>> talk > >>>> about, but it was not that clear to me from reading it. > >>>> > >>>> - The pre-authentication mechanism defined in this document > does > >> not > >>>> have an issue on context binding in which link-layer > independent > >>>> context carried over pre-authentication signaling is bound to > the > >>>> link-layer specific context [I-D.ietf-hokey-preauth-ps], > because > >> the > >>>> same EAP transport protocol (i.e., PANA) is used for normal > >>>> authentication and pre-authentication in the candidate network. > >>>> > >>>> > >>>> This does not even describe what the issue could be. I don't see a > >>>> value in > >>>> having this paragraph here. > >>>> > >>>> > >>>> Editorial: > >>>> > >>>> - If the PaC is a > >>>> mobile device and is capable of moving one access network to > >> another > >>>> while running its applications, > >>>> > >>>> s/moving one/moving from one > >>>> > >>>> > >>>> - allow the PaC to sent or receive packets > >>>> > >>>> s/sent/send > >>>> > >>>> > >>>> Thank you. > >>>> > >>>> Alper > >>>> > >>>> > >>>> > >>>> > >>>> > >>>>> -----Original Message----- > >>>>> From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On > >> Behalf > >>>> Of > >>>>> Basavaraj Patil > >>>>> Sent: Thursday, January 08, 2009 9:52 PM > >>>>> To: pana@ietf.org > >>>>> Subject: [Pana] WG LC: Pre-authentication Support for PANA > >>>>> > >>>>> > >>>>> > >>>>> Hello, > >>>>> > >>>>> This is a WG last call for I-D: Pre-authentication Support for > PANA > >>>>> . > >>>>> > >>>>> The last call will end on January 22nd, 09. Please send your > >> comments > >>>>> to the mailing list prior to the deadline. > >>>>> > >>>>> -Chairs > >>>>> > >>>>> _______________________________________________ > >>>>> Pana mailing list > >>>>> Pana@ietf.org > >>>>> https://www.ietf.org/mailman/listinfo/pana > >>>> > >>>> > >>>> _______________________________________________ > >>>> Pana mailing list > >>>> Pana@ietf.org > >>>> https://www.ietf.org/mailman/listinfo/pana > >>> > >>> > >> > > > > > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From netebuc@anapsardegna.it Thu Jan 15 15:27:45 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9B7FC28C150 for ; Thu, 15 Jan 2009 15:27:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -41.819 X-Spam-Level: X-Spam-Status: No, score=-41.819 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_3=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nxHkN36HZT1v for ; Thu, 15 Jan 2009 15:27:38 -0800 (PST) Received: from advbiol.com (unknown [201.46.61.64]) by core3.amsl.com (Postfix) with SMTP id C29D128C14B for ; Thu, 15 Jan 2009 15:27:34 -0800 (PST) To: Subject: Re: admin From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090115232735.C29D128C14B@core3.amsl.com> Date: Thu, 15 Jan 2009 15:27:34 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

©2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 23201
From bt@gmbinternational.com Thu Jan 15 16:17:15 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 472513A68D0; Thu, 15 Jan 2009 16:17:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -82.838 X-Spam-Level: X-Spam-Status: No, score=-82.838 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gA-qPpeMy0xX; Thu, 15 Jan 2009 16:17:13 -0800 (PST) Received: from c-98-223-102-24.hsd1.in.comcast.net (c-98-223-102-24.hsd1.in.comcast.net [98.223.102.24]) by core3.amsl.com (Postfix) with SMTP id 683DC3A63EC; Thu, 15 Jan 2009 16:17:10 -0800 (PST) X-Originating-IP: 17.84.128.128 by smtp.98.223.102.24; Thu, 15 Jan 2009 18:11:54 -0500 Message-ID: Subject: Patek Phillipe better than you could imagine! Date: Thu, 15 Jan 2009 18:16:54 -0500 From: "Quincy Busby" To: "Cara Chandler" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Cara, Looking for a IWC watch that no one can tell from the original? You're in luck, because we have the best copies http://hallssl.narod.ru Take advantage of our christmas specials and get yourself IWC watch that you've always wanted! http://hallssl.narod.ru Our IWC watches have perfect weight and feel same as orginal. Sincerely, Mr Chandler From pana-bounces@ietf.org Fri Jan 16 03:22:39 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BB61F28C20D; Fri, 16 Jan 2009 03:22:39 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8CAEF3A6847 for ; Fri, 16 Jan 2009 03:22:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.903 X-Spam-Level: X-Spam-Status: No, score=-0.903 tagged_above=-999 required=5 tests=[AWL=0.247, BAYES_00=-2.599, MSGID_MULTIPLE_AT=1.449] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NDilq2OY3hiN for ; Fri, 16 Jan 2009 03:22:37 -0800 (PST) Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by core3.amsl.com (Postfix) with ESMTP id D50273A6821 for ; Fri, 16 Jan 2009 03:22:37 -0800 (PST) Received: from LENOVO (dsl88-247-34762.ttnet.net.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis) id 0MKp8S-1LNmmI0RxF-000SlH; Fri, 16 Jan 2009 06:22:22 -0500 From: "Alper Yegin" To: "'Glen Zorn'" , "'Basavaraj Patil'" References: <004e01c9774f$d71ccb40$855661c0$@net> <005c01c97761$37bf5970$a73e0c50$@net> In-Reply-To: <005c01c97761$37bf5970$a73e0c50$@net> Date: Fri, 16 Jan 2009 13:22:11 +0200 Message-ID: <05d201c977cc$b0449c50$10cdd4f0$@yegin@yegin.org> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQABZ4/YAAAN42UQAADikwAACBMNEAA5ukAAAbMxsQ Content-Language: en-us X-Provags-ID: V01U2FsdGVkX1+tVs35/iy3NNU4GLSObKDZLTZmW2R4SjsLdK/ YDzsR9Ujw9h84AgXzziiREmd+fLXJ8MhPCHn7wltHbHbyVQtzY F5P4c0lVUUFsV+IqnoPXg== Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Glen, > As I've mentioned several times, I believe that this draft is the > subject of > ongoing discussion, that last pair of messages of which were posted > just > before and _after_ you issued last call. Perhaps you were unaware > (although > you were copied directly on both messages) of the debate? Do you > consider > the discussion to be irrelevant? It just seems rather irregular to me. We expect to handle that discussion as part of the WG LC. Unless you see a show stopper for WG LC stemming from that discussion, I don't see any point in delaying WG LC instead of handling discussions as part of the WG LC. Anyways, WG LC is on, and input is welcome. Alper _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Fri Jan 16 10:58:56 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3415E3A6A64; Fri, 16 Jan 2009 10:58:56 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 000BE3A6A64 for ; Fri, 16 Jan 2009 10:58:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.254 X-Spam-Level: X-Spam-Status: No, score=-2.254 tagged_above=-999 required=5 tests=[AWL=0.345, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VDC1mMCCceGO for ; Fri, 16 Jan 2009 10:58:54 -0800 (PST) Received: from smtpout08.prod.mesa1.secureserver.net (smtpout08-04.prod.mesa1.secureserver.net [64.202.165.12]) by core3.amsl.com (Postfix) with SMTP id B355D3A6989 for ; Fri, 16 Jan 2009 10:58:53 -0800 (PST) Received: (qmail 12859 invoked from network); 16 Jan 2009 18:58:37 -0000 Received: from unknown (67.160.38.190) by smtpout08-04.prod.mesa1.secureserver.net (64.202.165.12) with ESMTP; 16 Jan 2009 18:58:37 -0000 From: "Glen Zorn" To: "'Alper Yegin'" , "'Basavaraj Patil'" References: <004e01c9774f$d71ccb40$855661c0$@net> <005c01c97761$37bf5970$a73e0c50$@net> <05d201c977cc$b0449c50$10cdd4f0$@yegin@yegin.org> In-Reply-To: <05d201c977cc$b0449c50$10cdd4f0$@yegin@yegin.org> Date: Fri, 16 Jan 2009 10:57:52 -0800 Organization: Network Zen Message-ID: <000f01c9780c$55d6a200$0183e600$@net> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclxypjwUb/ucBgcPkWQM0vASiINfQFJoSXQABZ4/YAAAN42UQAADikwAACBMNEAA5ukAAAbMxsQAA+ZqrA= Content-Language: en-us Cc: pana@ietf.org Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Alper Yegin [mailto:alper.yegin@yegin.org] writes: > Glen, > > > As I've mentioned several times, I believe that this draft is the > > subject of > > ongoing discussion, that last pair of messages of which were posted > > just > > before and _after_ you issued last call. Perhaps you were unaware > > (although > > you were copied directly on both messages) of the debate? Do you > > consider > > the discussion to be irrelevant? It just seems rather irregular to > me. > > We expect to handle that discussion as part of the WG LC. Splendid idea, very efficient! To improve efficiency even further may I suggest in the future following in the footsteps of the radext WG & simply issuing WGLC as soon as the -00 is posted? That way _all_ discussion can be handled during LC & the busy lives of the chairs won't be cluttered with pesky tasks like determining consensus, etc. > Unless you > see a > show stopper for WG LC stemming from that discussion, I don't see any > point > in delaying WG LC instead of handling discussions as part of the WG LC. What I see seems to be considered irrelevant, since the Chairs apparently believe that the result of that discussion will be no change to the existing draft (the foregone conclusion strongly implied by the statement that multiple LCs aren't expected & your implicit assertion that no showstoppers exist). > > Anyways, WG LC is on, and input is welcome. > > Alper > > > > > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From cinoptic@veniseverte.fr Fri Jan 16 11:09:07 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 28C203A6ABF; Fri, 16 Jan 2009 11:09:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -69.648 X-Spam-Level: X-Spam-Status: No, score=-69.648 tagged_above=-999 required=5 tests=[BAYES_80=2, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, FRT_ROLEX=3.878, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DSL=1.129, J_CHICKENPOX_13=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MJLMd1xAgRYq; Fri, 16 Jan 2009 11:09:06 -0800 (PST) Received: from 144-31-223-201.adsl.terra.cl (144-31-223-201.adsl.terra.cl [201.223.31.144]) by core3.amsl.com (Postfix) with SMTP id 2384D3A6A51; Fri, 16 Jan 2009 11:08:55 -0800 (PST) X-Originating-IP: 0.12.216.152 by smtp.201.223.31.144; Sat, 17 Jan 2009 00:01:38 +0600 Message-ID: Subject: Impressive Glashutte timepieces Date: Fri, 16 Jan 2009 13:08:38 -0500 From: "Maxwell Stuart" To: "Anna Edwards" Content-Type: text/plain; Content-Transfer-Encoding: 7bit When it comes down to getting a rep R0lex watch, there is just one place that offers its visitors and customers the highest quality available: Prestige Reps. This unparalleled online store specializes in top of the line rep watches with unsurpassed performance, and bearing every marking that the genuine timepieces have. Every rep watch that Prestige Reps carries, is made of solid stainless steel and features a sapphire crystal glass. What's more, every R0lex in store displays the green R0lex sticker with model number and logo on it. Just because you're buying a rep, don't settle for a low quality product. There are only a handful of online stores that offer the highest quality R0lex rep watches and Prestige Reps is among them, and with the lowest available prices! http://williamsrgt.narod.ru From pana-bounces@ietf.org Fri Jan 16 13:03:29 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CA6893A6ABF; Fri, 16 Jan 2009 13:03:29 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3B0543A6ABF for ; Fri, 16 Jan 2009 13:03:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.571 X-Spam-Level: X-Spam-Status: No, score=-6.571 tagged_above=-999 required=5 tests=[AWL=0.028, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rmZghG+Go2o0 for ; Fri, 16 Jan 2009 13:03:25 -0800 (PST) Received: from imr2.ericy.com (imr2.ericy.com [198.24.6.3]) by core3.amsl.com (Postfix) with ESMTP id 46A983A67F5 for ; Fri, 16 Jan 2009 13:03:24 -0800 (PST) Received: from eusrcmw750.eamcs.ericsson.se (eusrcmw750.exu.ericsson.se [138.85.77.50]) by imr2.ericy.com (8.13.1/8.13.1) with ESMTP id n0GL33Iu017692; Fri, 16 Jan 2009 15:03:08 -0600 Received: from eusrcmw751.eamcs.ericsson.se ([138.85.77.51]) by eusrcmw750.eamcs.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Fri, 16 Jan 2009 15:03:03 -0600 Received: from [142.133.10.113] ([142.133.10.113]) by eusrcmw751.eamcs.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Fri, 16 Jan 2009 15:03:02 -0600 Message-ID: <4970F5BD.5010906@ericsson.com> Date: Fri, 16 Jan 2009 16:01:49 -0500 From: Suresh Krishnan User-Agent: Thunderbird 2.0.0.17 (X11/20080925) MIME-Version: 1.0 To: pana@ietf.org X-OriginalArrivalTime: 16 Jan 2009 21:03:02.0402 (UTC) FILETIME=[D1AE5E20:01C9781D] Cc: Basavaraj Patil Subject: [Pana] Review of draft-ietf-pana-statemachine-08 X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Folks, I was requested by the chairs to review draft-ietf-pana-statemachine-08. I have reviewed the document and I have a few comments. Overall ======= * What is the intended status of this draft? I assume informational but please update the draft to include this. Section 4 ========= * This sentence is a bit unclear. "When a discrepancy occurs between any part of this document and any of the related documents ([RFC5191], [RFC4137] the latter (the other documents) are considered authoritative and takes precedence." What does this mean exactly? e.g. In 4137 the actions are executed on entry into the state and in this document they are executed on exit. Does this mean there is a discrepancy? Section 5 ========== * "On exit from a state, the exit actions defined for the state and the exit condition are executed exactly once, in the order that they appear on the page." What page? * "A state "ANY" is a wildcard state that matches the current state in each state machine." Did you mean to say "A state "ANY" is a wildcard state that matches any state in the current state machine." * The state "ANY except foo" has not been defined here but has been used later. * How do I send PANA messages with multiple flags set? e.g. I want to send a PAR with I and S bits set. The description language does not seem to allow this. Section 6 ========= * I do not think that RTX_MAX_NUM can be a constant for the state machine since it can differ for different PANA messages. e.g. 0 for PCI and 10 for PAR. Section 9.1 =========== * I am not sure what this section has to do with implementation of state machines. Can you please clarify? Thanks Suresh _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From jdxhw@almostcosmic.com Fri Jan 16 15:41:39 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8F6DE28B23E for ; Fri, 16 Jan 2009 15:41:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.889 X-Spam-Level: X-Spam-Status: No, score=-6.889 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR=2.426, HOST_EQ_STATIC=1.172, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p9PV2OzXWG-5 for ; Fri, 16 Jan 2009 15:41:38 -0800 (PST) Received: from ip-212-59-24-31.static.b4net.lt (ip-212-59-24-31.static.b4net.lt [212.59.24.31]) by core3.amsl.com (Postfix) with SMTP id BFB693A689D for ; Fri, 16 Jan 2009 15:41:37 -0800 (PST) To: Subject: Your order 43659 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090116234137.BFB693A689D@core3.amsl.com> Date: Fri, 16 Jan 2009 15:41:37 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 84216
From mbarranco@agrega.com.ar Fri Jan 16 20:40:30 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 16B8F3A69C3 for ; Fri, 16 Jan 2009 20:40:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.54 X-Spam-Level: X-Spam-Status: No, score=-2.54 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_VERIZON_P=2.144, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_VERIZON_POOL=1.495, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JYcTlvj3GgOH for ; Fri, 16 Jan 2009 20:40:29 -0800 (PST) Received: from pool-71-251-24-127.nycmny.fios.verizon.net (pool-71-251-24-127.nycmny.fios.verizon.net [71.251.24.127]) by core3.amsl.com (Postfix) with SMTP id 6072D3A684D for ; Fri, 16 Jan 2009 20:40:26 -0800 (PST) To: Subject: News from Microsoft From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090117044027.6072D3A684D@core3.amsl.com> Date: Fri, 16 Jan 2009 20:40:26 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 32371
From casmith@stemnion.com Sat Jan 17 09:51:53 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 46B4C3A680D; Sat, 17 Jan 2009 09:51:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -46.718 X-Spam-Level: X-Spam-Status: No, score=-46.718 tagged_above=-999 required=5 tests=[AWL=34.999, BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_IPADDR=2.426, J_CHICKENPOX_24=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3AT6O4OcjQx4; Sat, 17 Jan 2009 09:51:52 -0800 (PST) Received: from cable201-232-162-94.epm.net.co (cable201-232-162-94.epm.net.co [201.232.162.94]) by core3.amsl.com (Postfix) with SMTP id 1B1823A6895; Sat, 17 Jan 2009 09:51:45 -0800 (PST) X-Originating-IP: 232.211.78.131 by smtp.201.232.162.94; Sat, 17 Jan 2009 14:48:27 -0200 Message-ID: Subject: September promo on watches Date: Sat, 17 Jan 2009 11:51:27 -0500 From: "Ted Winkler" To: "Gilberto Benson" Content-Type: text/plain; Content-Transfer-Encoding: 7bit A Bvlgari watch is an extraordinary masterpiece that is born from the marriage of watch making and jewelry expertise. Only the most discriminating and sophisticated watch users dare put a Bv1gari on their wrists, but once the metal touches their skin, they are bound forever... How would you like to become one of the lucky few that have experienced the pleasure of sporting a Bvlgari timepiece? Now you can, and at a very reduced cost! Prestige Reps offers a tremendous collection of Bvlgari reps starting just a little above $200... So now there is no reason why you can't have your very own Bvlgari today! http://cookzip.narod.ru From jorth@altoona.k12.wi.us Sat Jan 17 18:34:30 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D75663A6AA6 for ; Sat, 17 Jan 2009 18:34:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -11.896 X-Spam-Level: X-Spam-Status: No, score=-11.896 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OrjlqFefQWTl for ; Sat, 17 Jan 2009 18:34:28 -0800 (PST) Received: from 21minutefitness.com (unknown [189.4.205.118]) by core3.amsl.com (Postfix) with SMTP id 73ECB3A6AB7 for ; Sat, 17 Jan 2009 18:34:27 -0800 (PST) To: Subject: Email Administrator, Pfizer World Headquarters From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090118023427.73ECB3A6AB7@core3.amsl.com> Date: Sat, 17 Jan 2009 18:34:27 -0800 (PST)
January 16, 2009 | "SPECIAL OFFERS"-Pfizer Company!




Contact: Email Administrator, Pfizer World Headquarters 082 E. 42nd Street New York, NY 80621
® 2001-2009 Pfizer Inc. All rights reserved!
Pfizer is a licensee of the TRUSTe Privacy Program!, click here.

» Help  »Advertise  »Terms of Service  »Privacy Policy
From kevin.sammonn@aidandtrade.com Sun Jan 18 10:18:16 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8B4683A6A47 for ; Sun, 18 Jan 2009 10:18:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.597 X-Spam-Level: X-Spam-Status: No, score=-12.597 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_VERIZON_P=2.144, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_VERIZON_POOL=1.495, HTML_IMAGE_ONLY_28=1.561, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kXFkQbHpTFYT for ; Sun, 18 Jan 2009 10:18:16 -0800 (PST) Received: from pool-71-176-234-36.rcmdva.fios.verizon.net (pool-71-176-234-36.rcmdva.fios.verizon.net [71.176.234.36]) by core3.amsl.com (Postfix) with SMTP id 0F9B43A685C for ; Sun, 18 Jan 2009 10:18:14 -0800 (PST) To: Subject: Re: SPECIAL OFFERS From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090118181815.0F9B43A685C@core3.amsl.com> Date: Sun, 18 Jan 2009 10:18:14 -0800 (PST)
January 16, 2009 | "SPECIAL OFFERS"-Pfizer Company!




Contact: Email Administrator, Pfizer World Headquarters 575 E. 42nd Street New York, NY 86470
® 2001-2009 Pfizer Inc. All rights reserved!
Pfizer is a licensee of the TRUSTe Privacy Program!, click here.

» Help  »Advertise  »Terms of Service  »Privacy Policy
From jhumnih@aitlbd.net Sun Jan 18 14:30:13 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4C37D28C15D for ; Sun, 18 Jan 2009 14:30:13 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.717 X-Spam-Level: X-Spam-Status: No, score=-3.717 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_UNI=0.591, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D9RqtO5u4+fo for ; Sun, 18 Jan 2009 14:30:12 -0800 (PST) Received: from 201-25-32-47.paemt705.dsl.brasiltelecom.net.br (201-15-137-168.paemt705.dsl.brasiltelecom.net.br [201.15.137.168]) by core3.amsl.com (Postfix) with SMTP id 2886728C12C for ; Sun, 18 Jan 2009 14:30:09 -0800 (PST) To: Subject: Your order 52209 From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090118223010.2886728C12C@core3.amsl.com> Date: Sun, 18 Jan 2009 14:30:09 -0800 (PST)
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the "Unsubscribe" link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers' content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

c2008 Microsoft | Unsubscribe | More Newsletters | Privacy

Microsoft Corporation, One Microsoft Way, Redmond, WA 29625
From pana-bounces@ietf.org Mon Jan 19 08:39:01 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B0B4C3A6918; Mon, 19 Jan 2009 08:39:01 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6C1E43A6918 for ; Mon, 19 Jan 2009 08:39:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WK6xeVFLFtxV for ; Mon, 19 Jan 2009 08:38:59 -0800 (PST) Received: from xenon3.um.es (xenon3.um.es [155.54.212.163]) by core3.amsl.com (Postfix) with ESMTP id F1FAB3A67F6 for ; Mon, 19 Jan 2009 08:38:58 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by xenon3.um.es (Postfix) with ESMTP id EE94C4408C for ; Mon, 19 Jan 2009 17:38:42 +0100 (CET) X-Virus-Scanned: by amavisd-new-2.4.2 (20060627) (Debian) at xenon3.telemat.um.es Received: from xenon3.um.es ([127.0.0.1]) by localhost (xenon3.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 4+7bBQLrNs90 for ; Mon, 19 Jan 2009 17:38:42 +0100 (CET) Received: from inf-205-84.um.es (inf-205-84.um.es [155.54.205.84]) (Authenticated sender: rafa) by xenon3.um.es (Postfix) with ESMTP id 7F7C044058 for ; Mon, 19 Jan 2009 17:38:42 +0100 (CET) Message-ID: <4974AC91.4000903@um.es> Date: Mon, 19 Jan 2009 17:38:41 +0100 From: Rafa Marin Lopez User-Agent: Thunderbird 2.0.0.19 (Macintosh/20081209) MIME-Version: 1.0 To: pana@ietf.org Subject: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Dear all, here it is my review of draft-ietf-pana-preauth-04.txt Initially, the document is in a good shape for me but I have some minor questions and comments. This document defines an extension to the PANA protocol [RFC5191] used for proactively executing EAP authentication and establishing a PANA SA (Security Association) between a PaC in an access network and a PAA in another access network to which the PaC may move. The proposed method operates across multiple AAA domains. The extension to the PANA protocol is designed to realize direct pre-authentication defined in [I-D.ietf-hokey-preauth-ps]. [Rafa] I believe that an explanation of "access network" and "AAA domain" might be added here and also in the terminology section. [Rafa] 2. Terminogy --> Terminology The following terms are used in this document in addition to the terms defined in [RFC5191]. Serving PAA (SPAA): A PAA that resides in the serving network and [Rafa] The definition of serving network should be provided. provides network access authentication for a particular PaC. For simplicity, this document assumes that there is only one SPAA in the serving network while the pre-authentication mechanism described in this document is generally applicable to the case where there are two or more SPAAs in the serving network. Pre-authorization SA: A PANA SA established between a PaC and its CPAA. Post-authorization SA: A PANA SA established between the PaC and its SPAA. [Rafa] Agree with Alper here. Pre-authorization SA and Post-Authorization SA is the PANA SA between the PaC and the CPAA. The CPAA will be the SPAA but I believe that no new PANA SA is created after the movement; it is only an update of the PANA SA. 3. Pre-authentication Procedure A PaC that supports pre-authentication may establish a PANA session for each CPAA. There may be several mechanisms for a PaC and a CPAA to discover each other. However, such mechanisms are out of the scope of this document. There may be a number of criteria for CPAA selection, the timing to start pre-authentication and the timing to make a pre-authorization SA a post-authorization SA (and hence the CPAA becomes the SPAA). [Rafa] This text may need to be revised if previous comment is accepted. When a CPAA with which the PaC has a pre-authorization SA becomes the SPAA due to, e.g., movement of the PaC, the PaC performs an IP address update procedure defined in Section 5.6 of [RFC5191] in order to update the SPAA with the PaC's new address obtained from the new serving network. PANA-Notification-Request (PNR) and PANA- Notification-Answer (PNA) messages with 'P' (Ping) bit set are used for this purpose. The completion of the IP address update procedure will change the pre-authorization SA to a post-authorization SA. In this case, the 'E' MUST NOT be set in the PNR and PNA messages and subsequent PANA messages. If there is another CPAA with which the PaC has a pre-authorization SA and the PaC wants to keep the pre-authorization SA after the change of SPAA, the PaC also performs an IP address update procedure defined in Section 5.6 of [RFC5191] in order to update the CPAA with the PaC's new address. PNR and PNA messages with 'P' (Ping) bit set is used for this purpose. In this case, the 'E' (prE-authentication) bit MUST be set in the PNR and PNA messages and subsequent PANA messages. The IP address update procedure with the CPAA will not change the pre-authorization SA to a post-authorization SA. [Rafa] Let me understand this. It seems you're describing here two alternatives. Either you update the PANA SA (with the CPAA) AFTER the movement (PNR-PNA without E bit set) or BEFORE the movement (PNR-PNA with E bit set). Is that correct?. The pre-authorization SA and the corresponding PANA session between the PaC and a CPAA is deleted by entering the termination phase of the PANA protocol. Example call flows for PaC-initiated pre-authentication and PAA- initiated pre-authentication are shown in Figure 1 and Figure 2, respectively. [Rafa]. Fig 1 and Fig. 2 are rather similar except for pre-authentication trigger and the PCI, right? Maybe an unified figure could be better or simplify one of them. 6. Security Considerations Since the mechanism described in this document is designed to work across multiple access networks, each EP in the serving network SHOULD be configured to allow PANA messages to be forwarded between a PaC and a CPAA only if the PaC has a post-authorization SA with the SPAA in order to avoid an unauthorized PaC to initiate pre- authentication. [Rafa] I think I have a similar comment as Alper's. Since PANA works over UDP, if the EP in the serving network is configured to allow IP traffic to that PaC, why should we restrict the PaC to send PANA pre-authentication messages to other CPAA? Or in other words, why should we relay in the SPAA (that could belongs to a different domain than CPAA) to enforce this?. Best Regards. -- ------------------------------------------------------ Rafael Marin Lopez Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34968398501 e-mail: rafa@um.es ------------------------------------------------------ _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From omalopsinae@a54321.com Mon Jan 19 14:04:53 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4E2F53A69A8 for ; Mon, 19 Jan 2009 14:04:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -18.077 X-Spam-Level: X-Spam-Status: No, score=-18.077 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6tWaHfHYPDan for ; Mon, 19 Jan 2009 14:04:52 -0800 (PST) Received: from alkhorayef.com (unknown [189.100.145.188]) by core3.amsl.com (Postfix) with SMTP id 65E283A693D for ; Mon, 19 Jan 2009 14:04:50 -0800 (PST) To: Subject: Re: Getting the best results From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090119220451.65E283A693D@core3.amsl.com> Date: Mon, 19 Jan 2009 14:04:50 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Not see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.progressdone.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://methoddegree.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 5, B595. 466 Clements Road. London. SE93 7DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From pana-bounces@ietf.org Mon Jan 19 17:17:39 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0803E3A6AA9; Mon, 19 Jan 2009 17:17:39 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2AA3B3A6AA9 for ; Mon, 19 Jan 2009 17:17:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.533 X-Spam-Level: X-Spam-Status: No, score=-1.533 tagged_above=-999 required=5 tests=[AWL=-0.946, BAYES_00=-2.599, FAKE_REPLY_C=2.012] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VL4+nukLGwcu for ; Mon, 19 Jan 2009 17:17:37 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 1D1A43A67B1 for ; Mon, 19 Jan 2009 17:17:37 -0800 (PST) Received: from steelhead.localdomain (mail.tari.toshiba.com [172.30.24.10]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0K1EXr9097843; Mon, 19 Jan 2009 20:14:33 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LP3If-0004S8-3E; Mon, 19 Jan 2009 18:12:57 -0500 Date: Mon, 19 Jan 2009 18:12:57 -0500 From: Yoshihiro Ohba To: Alper Yegin Message-ID: <20090119231257.GI14492@steelhead.localdomain> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.18 (2008-05-17) Cc: pana@ietf.org, 'Basavaraj Patil' Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Alper, Thank you for your review. I agree all of your comments. Please see my comments in line. On Thu, Jan 15, 2009 at 11:38:20AM +0200, Alper Yegin wrote: > Here are my comments. > > > - "The PCI message MUST be unicast." > > Not sure why we have such a constraint. Does using a non-unicast address > break anything? If not, let's not be constraining the spec unnecessarily. > Not that I see any use for this right away, but I don't see a reason to > prohibit future possibilities unless we see a value in having such a > constraint. I agree that the sentence is not needed. > > > - "Once the PaC and CPAA have agreed on performing pre-authentication > using the 'S' (Start) and 'E' (prE-authentication) bits, the > subsequent PANA messages exchanged between them MUST have the 'E' > (prE-authentication) bit set." > > Not forever, right? We shall state "... MUST have the 'E' bit set until CPAA > becomes SPAA of the PaC". Yes, that is clearer. > > - I didn't understand the utility of "Pre-authorization SA" and > "Pre-authorization SA" distinction. There is only one PANA SA. It does not > change when the PaC attaches to the target network. This is a good point. By {pre,post}-authorization, I meant to represent status of PANA session. We can change "Pre-authorization SA" and "Post-authorization SA" to "pre-authorization state of the PANA session" and "post-authorization state of the PANA session", respectively. > > - In an access network where accounting is performed, accounting starts > when the pre-authorization SA becomes the post-authorization SA by > default. Depending on the pre-authorization policy, accounting may > start immediately after the pre-authorization SA is established. > > > This spec should not care when acct starts. We can remove the paragraph and change the Section title to "Authorization Considerations". > > - Since the mechanism described in this document is designed to work > across multiple access networks, each EP in the serving network > SHOULD be configured to allow PANA messages to be forwarded between a > PaC and a CPAA only if the PaC has a post-authorization SA with the > SPAA in order to avoid an unauthorized PaC to initiate pre- > authentication. > > Not sure why we have to say anything like that. PANA pre-auth is just UDP. > Unless the serving network "intends to block" pre-auth, it would not be > preventing pre-auth. > > An EP should allow PANA messages from unauthorized only if they are destined > to SPAA. > So, it should not blindly allow PANA messages. They may not only allow > pre-authentication (not that harmful), but they may even piggyback some data > to punch a hole through EP. I guess this is what the spec intends to talk > about, but it was not that clear to me from reading it. I agree. How about revising the paragraph as follows? " Since the mechanism described in this document is designed to work across multiple access networks, each EP in the serving network SHOULD allow PANA messages originated from unauthorized PaCs to be forwarded only if they are destined to SPAA. Also, each access network that supports pre-authentication SHOULD block pre-authentication attempts from networks from which a handover is not likely to occur. " > > - The pre-authentication mechanism defined in this document does not > have an issue on context binding in which link-layer independent > context carried over pre-authentication signaling is bound to the > link-layer specific context [I-D.ietf-hokey-preauth-ps], because the > same EAP transport protocol (i.e., PANA) is used for normal > authentication and pre-authentication in the candidate network. > > > This does not even describe what the issue could be. I don't see a value in > having this paragraph here. I agree. We can remove the paragraph since this document has no issue with context binding. > > > Editorial: > > - If the PaC is a > mobile device and is capable of moving one access network to another > while running its applications, > > s/moving one/moving from one OK. > > > - allow the PaC to sent or receive packets > > s/sent/send OK. Regards, Yoshihiro Ohba > > > Thank you. > > Alper > > > > > > > -----Original Message----- > > From: pana-bounces@ietf.org [mailto:pana-bounces@ietf.org] On Behalf Of > > Basavaraj Patil > > Sent: Thursday, January 08, 2009 9:52 PM > > To: pana@ietf.org > > Subject: [Pana] WG LC: Pre-authentication Support for PANA > > > > > > > > Hello, > > > > This is a WG last call for I-D: Pre-authentication Support for PANA > > . > > > > The last call will end on January 22nd, 09. Please send your comments > > to the mailing list prior to the deadline. > > > > -Chairs > > > > _______________________________________________ > > Pana mailing list > > Pana@ietf.org > > https://www.ietf.org/mailman/listinfo/pana > > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Mon Jan 19 17:18:36 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3301F3A6AAF; Mon, 19 Jan 2009 17:18:36 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E11943A6AAF for ; Mon, 19 Jan 2009 17:18:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.48 X-Spam-Level: X-Spam-Status: No, score=-2.48 tagged_above=-999 required=5 tests=[AWL=0.119, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LFdo5QNO2UGC for ; Mon, 19 Jan 2009 17:18:33 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 734BE3A6AAB for ; Mon, 19 Jan 2009 17:18:33 -0800 (PST) Received: from steelhead.localdomain (toshi17.tari.toshiba.com [172.30.24.10]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0K1FRcs097863; Mon, 19 Jan 2009 20:15:30 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LP3JX-0004SM-1f; Mon, 19 Jan 2009 18:13:51 -0500 Date: Mon, 19 Jan 2009 18:13:51 -0500 From: Yoshihiro Ohba To: Rafa Marin Lopez Message-ID: <20090119231351.GJ14492@steelhead.localdomain> References: <4974AC91.4000903@um.es> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4974AC91.4000903@um.es> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Rafa, Thank you for reviewing the document. Please see my response below. On Mon, Jan 19, 2009 at 05:38:41PM +0100, Rafa Marin Lopez wrote: > Dear all, > > here it is my review of draft-ietf-pana-preauth-04.txt > > Initially, the document is in a good shape for me but I have some minor > questions and comments. > > > This document defines an extension to the PANA protocol [RFC5191] > used for proactively executing EAP authentication and establishing a > PANA SA (Security Association) between a PaC in an access network and > a PAA in another access network to which the PaC may move. The > proposed method operates across multiple AAA domains. The extension > to the PANA protocol is designed to realize direct pre-authentication > defined in [I-D.ietf-hokey-preauth-ps]. > > [Rafa] I believe that an explanation of "access network" and "AAA > domain" might be added here and also in the terminology section. I think these terms are popularly used in many documents and I don't think we need to define them in this document. > > > > [Rafa] 2. Terminogy --> Terminology OK. > > The following terms are used in this document in addition to the > terms defined in [RFC5191]. > > Serving PAA (SPAA): A PAA that resides in the serving network and > > [Rafa] The definition of serving network should be provided. How about this? "Serving Network: The access network that is currently providing network access to the PaC." > > provides network access authentication for a particular PaC. For > simplicity, this document assumes that there is only one SPAA in > the serving network while the pre-authentication mechanism > described in this document is generally applicable to the case > where there are two or more SPAAs in the serving network. > > > Pre-authorization SA: A PANA SA established between a PaC and its > CPAA. > > Post-authorization SA: A PANA SA established between the PaC and its > SPAA. > > [Rafa] Agree with Alper here. Pre-authorization SA and > Post-Authorization SA is the PANA SA between the PaC and the CPAA. The > CPAA will be the SPAA but I believe that no new PANA SA is created after > the movement; it is only an update of the PANA SA. I agree. In response to Alper's comment, I explained it is meant to indicate a state of the PANA session. How about changing them to: " Pre-authorization state: A state to represent an established PANA session between a PaC and its CPAA. Post-authorization state: A state to represent an established PANA session between the PaC and its SPAA. " > > > 3. Pre-authentication Procedure > > A PaC that supports pre-authentication may establish a PANA session > for each CPAA. > > There may be several mechanisms for a PaC and a CPAA to discover each > other. However, such mechanisms are out of the scope of this > document. > > There may be a number of criteria for CPAA selection, the timing to > start pre-authentication and the timing to make a pre-authorization > SA a post-authorization SA (and hence the CPAA becomes the SPAA). > > [Rafa] This text may need to be revised if previous comment is accepted. Yes. s/pre-authentication SA/pre-authentication state/. s/post-authentication SA/post-authentication state/. > > > > When a CPAA with which the PaC has a pre-authorization SA becomes the > SPAA due to, e.g., movement of the PaC, the PaC performs an IP > address update procedure defined in Section 5.6 of [RFC5191] in order > to update the SPAA with the PaC's new address obtained from the new > serving network. PANA-Notification-Request (PNR) and PANA- > Notification-Answer (PNA) messages with 'P' (Ping) bit set are used > for this purpose. The completion of the IP address update procedure > will change the pre-authorization SA to a post-authorization SA. In > this case, the 'E' MUST NOT be set in the PNR and PNA messages and > subsequent PANA messages. > > If there is another CPAA with which the PaC has a pre-authorization > SA and the PaC wants to keep the pre-authorization SA after the > change of SPAA, the PaC also performs an IP address update procedure > defined in Section 5.6 of [RFC5191] in order to update the CPAA with > the PaC's new address. PNR and PNA messages with 'P' (Ping) bit set > is used for this purpose. In this case, the 'E' (prE-authentication) > bit MUST be set in the PNR and PNA messages and subsequent PANA > messages. The IP address update procedure with the CPAA will not > change the pre-authorization SA to a post-authorization SA. > > [Rafa] Let me understand this. It seems you're describing here two > alternatives. Either you update the PANA SA (with the CPAA) AFTER the > movement (PNR-PNA without E bit set) or BEFORE the movement (PNR-PNA > with E bit set). Is that correct?. No, both of two operation happens after the movement. The difference between the two operation is that the first paragraph describes the IP address update procedure when CPAA changes to SPAA after the movement. The second paragraph describes the IP address update procedure when CPAA is still CPAA after the movement. > > The pre-authorization SA and the corresponding PANA session between > the PaC and a CPAA is deleted by entering the termination phase of > the PANA protocol. > > Example call flows for PaC-initiated pre-authentication and PAA- > initiated pre-authentication are shown in Figure 1 and Figure 2, > respectively. > > [Rafa]. Fig 1 and Fig. 2 are rather similar except for > pre-authentication trigger and the PCI, right? > Maybe an unified figure could be better or simplify one of them. I think merging the two figures become complicated... > > > > 6. Security Considerations > > Since the mechanism described in this document is designed to work > across multiple access networks, each EP in the serving network > SHOULD be configured to allow PANA messages to be forwarded between a > PaC and a CPAA only if the PaC has a post-authorization SA with the > SPAA in order to avoid an unauthorized PaC to initiate pre- > authentication. > > [Rafa] I think I have a similar comment as Alper's. Since PANA works > over UDP, if the EP in the serving network is configured to allow IP > traffic to that PaC, why should we restrict the PaC to send PANA > pre-authentication messages to other CPAA? Or in other words, why should > we relay in the SPAA (that could belongs to a different domain than > CPAA) to enforce this?. I agree, and revised text is proposed in response to Alper's comment. Thanks, Yoshihiro Ohba > > > Best Regards. > > -- > ------------------------------------------------------ > Rafael Marin Lopez > Dept. Information and Communications Engineering (DIIC) > Faculty of Computer Science-University of Murcia > 30100 Murcia - Spain > Telf: +34968398501 e-mail: rafa@um.es > ------------------------------------------------------ > > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From liy@alti-e.co.kr Tue Jan 20 01:02:35 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8C32D28C186 for ; Tue, 20 Jan 2009 01:02:35 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.385 X-Spam-Level: X-Spam-Status: No, score=-22.385 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O3l+uxEuyN8G for ; Tue, 20 Jan 2009 01:02:29 -0800 (PST) Received: from allabouthawaii.com (unknown [84.27.141.184]) by core3.amsl.com (Postfix) with SMTP id C756028C1B0 for ; Tue, 20 Jan 2009 01:02:27 -0800 (PST) To: Subject: Next: Getting the best results From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090120090228.C756028C1B0@core3.amsl.com> Date: Tue, 20 Jan 2009 01:02:27 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Dont see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.positionthough.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://positionthough.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 2, B230. 571 Clements Road. London. SE12 2DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From koamkaf@aig.com Tue Jan 20 04:14:56 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 702A23A6BC9 for ; Tue, 20 Jan 2009 04:14:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.692 X-Spam-Level: X-Spam-Status: No, score=-14.692 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id THNu-jAsGEV1 for ; Tue, 20 Jan 2009 04:14:55 -0800 (PST) Received: from amcc.com.cn (unknown [189.60.72.175]) by core3.amsl.com (Postfix) with SMTP id 7825B3A6950 for ; Tue, 20 Jan 2009 04:14:45 -0800 (PST) To: Subject: Re: BRANDKEYWORD, Ltd From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090120121450.7825B3A6950@core3.amsl.com> Date: Tue, 20 Jan 2009 04:14:45 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Not see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.forgivenessespecially.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://methoddegree.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 6, B293. 178 Clements Road. London. SE17 2DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From pana-bounces@ietf.org Tue Jan 20 06:46:55 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DDB793A6C01; Tue, 20 Jan 2009 06:46:55 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DAF5E3A6C01 for ; Tue, 20 Jan 2009 06:46:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.288 X-Spam-Level: X-Spam-Status: No, score=-2.288 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HOST_MISMATCH_COM=0.311] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id inbz6RZYGL8E for ; Tue, 20 Jan 2009 06:46:54 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id D3C253A6BF3 for ; Tue, 20 Jan 2009 06:46:53 -0800 (PST) Received: from [127.0.0.1] (mgw.toshibaamericaresearch.com [165.254.55.12]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0KEhYPE004475; Tue, 20 Jan 2009 09:43:37 -0500 (EST) (envelope-from vfajardo@tari.toshiba.com) Message-ID: <4975E3BE.1020709@tari.toshiba.com> Date: Tue, 20 Jan 2009 09:46:22 -0500 From: Victor Fajardo User-Agent: Icedove 1.5.0.14eol (X11/20090105) MIME-Version: 1.0 To: Suresh Krishnan References: <4970F5BD.5010906@ericsson.com> In-Reply-To: <4970F5BD.5010906@ericsson.com> Cc: Basavaraj Patil , pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-statemachine-08 X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Suresh, Thanks for the review. > > * What is the intended status of this draft? I assume informational > but please update the draft to include this. Ok. > > Section 4 > ========= > > * This sentence is a bit unclear. > > > "When a discrepancy occurs between any part of this document and any > of the related documents ([RFC5191], [RFC4137] the latter (the other > documents) are considered authoritative and takes precedence." > > What does this mean exactly? e.g. In 4137 the actions are executed on > entry into the state and in this document they are executed on exit. > Does this mean there is a discrepancy? I guess the sentence needs to be clarified. It was trying to imply that if some state transitions in this document is contradicting events and/or transitions in 4137 then 4137 is to be followed and that there are flaws in this document. > > > Section 5 > ========== > > * "On exit from a state, the exit actions defined for the state and the > exit condition are executed exactly once, in the order that they > appear on the page." > > What page? I think we can remove that term "on the page" which is mis-leading. > > * "A state "ANY" is a wildcard state that matches the current state in > each state machine." > > Did you mean to say > > "A state "ANY" is a wildcard state that matches any state in the current > state machine." Good point. thanks. > > * The state "ANY except foo" has not been defined here but has been > used later. Yes. we should add clarifying text for this 'conditional' catch-all. > > * How do I send PANA messages with multiple flags set? e.g. I want to > send a PAR with I and S bits set. The description language does not > seem to allow this. In Sec 6.1, the definition for Tx:PANA_MESSAGE_NAME[flag](AVPs) should allow for multiple bit settings. We can clarify the scenario for having multiple flags here, for example: PANA_MESSAGE_NAME[I, S](AVPs) > > Section 6 > ========= > > * I do not think that RTX_MAX_NUM can be a constant for the state > machine since it can differ for different PANA messages. e.g. 0 for > PCI and 10 for PAR. The procedure RtxTimerStart() would typically set RTX_MAX_NUM to an appropriate value (Sec 6.1). But we can also clarify this by expanding the description of the text for RtxTimerStart(). > > Section 9.1 > =========== > > * I am not sure what this section has to do with implementation of > state machines. Can you please clarify? Its suppose to comment on a general pattern on how to integrate PANA implementations to an existing system. I can re-factor the text to make that point clearer. many thanks, victor > > Thanks > Suresh > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 20 10:00:03 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5B99C28C10A; Tue, 20 Jan 2009 10:00:03 -0800 (PST) X-Original-To: pana@ietf.org Delivered-To: pana@core3.amsl.com Received: by core3.amsl.com (Postfix, from userid 0) id 32CBF3A69D3; Tue, 20 Jan 2009 10:00:00 -0800 (PST) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 Message-Id: <20090120180001.32CBF3A69D3@core3.amsl.com> Date: Tue, 20 Jan 2009 10:00:01 -0800 (PST) Cc: pana@ietf.org Subject: [Pana] I-D Action:draft-ietf-pana-statemachine-09.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Protocol for carrying Authentication for Network Access Working Group of the IETF. Title : State Machines for Protocol for Carrying Authentication for Network Access (PANA) Author(s) : V. Fajardo, et al. Filename : draft-ietf-pana-statemachine-09.txt Pages : 37 Date : 2009-01-20 This document defines the conceptual state machines for the Protocol for Carrying Authentication for Network Access (PANA). The state machines consist of the PANA Client (PaC) state machine and the PANA Authentication Agent (PAA) state machine. The two state machines show how PANA can interface with the EAP state machines. The state machines and associated model are informative only. Implementations may achieve the same results using different methods. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-pana-statemachine-09.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Message/External-body; name="draft-ietf-pana-statemachine-09.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2009-01-20095534.I-D@ietf.org> --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana --NextPart-- From pana-bounces@ietf.org Tue Jan 20 10:05:44 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C974E3A69D3; Tue, 20 Jan 2009 10:05:44 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D43983A69D3; Tue, 20 Jan 2009 10:05:42 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.288 X-Spam-Level: X-Spam-Status: No, score=-2.288 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HOST_MISMATCH_COM=0.311] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GzpjEvogAJzj; Tue, 20 Jan 2009 10:05:42 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id EA8EB3A684E; Tue, 20 Jan 2009 10:05:41 -0800 (PST) Received: from [127.0.0.1] (mgw.toshibaamericaresearch.com [165.254.55.12]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0KI2TiU006325; Tue, 20 Jan 2009 13:02:33 -0500 (EST) (envelope-from vfajardo@tari.toshiba.com) Message-ID: <4976125E.1010506@tari.toshiba.com> Date: Tue, 20 Jan 2009 13:05:18 -0500 From: Victor Fajardo User-Agent: Icedove 1.5.0.14eol (X11/20090105) MIME-Version: 1.0 To: Internet-Drafts@ietf.org References: <20090120180001.32CBF3A69D3@core3.amsl.com> In-Reply-To: <20090120180001.32CBF3A69D3@core3.amsl.com> Cc: pana@ietf.org, i-d-announce@ietf.org Subject: Re: [Pana] I-D Action:draft-ietf-pana-statemachine-09.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi, This rev should incorporate Suresh's comments. regards, victor > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Protocol for carrying Authentication for Network Access Working Group of the IETF. > > > Title : State Machines for Protocol for Carrying Authentication for Network Access (PANA) > Author(s) : V. Fajardo, et al. > Filename : draft-ietf-pana-statemachine-09.txt > Pages : 37 > Date : 2009-01-20 > > This document defines the conceptual state machines for the Protocol > for Carrying Authentication for Network Access (PANA). The state > machines consist of the PANA Client (PaC) state machine and the PANA > Authentication Agent (PAA) state machine. The two state machines > show how PANA can interface with the EAP state machines. The state > machines and associated model are informative only. Implementations > may achieve the same results using different methods. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-pana-statemachine-09.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > Below is the data which will enable a MIME compliant mail reader > implementation to automatically retrieve the ASCII version of the > Internet-Draft. > > ------------------------------------------------------------------------ > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 20 10:16:45 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 31FE93A6A05; Tue, 20 Jan 2009 10:16:45 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2533F3A6895 for ; Tue, 20 Jan 2009 10:16:44 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vCMltDzsjiGa for ; Tue, 20 Jan 2009 10:16:43 -0800 (PST) Received: from xenon3.um.es (xenon3.um.es [155.54.212.163]) by core3.amsl.com (Postfix) with ESMTP id 9119E3A686E for ; Tue, 20 Jan 2009 10:16:42 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by xenon3.um.es (Postfix) with ESMTP id 12B0644108; Tue, 20 Jan 2009 19:16:26 +0100 (CET) X-Virus-Scanned: by amavisd-new-2.4.2 (20060627) (Debian) at xenon3.telemat.um.es Received: from xenon3.um.es ([127.0.0.1]) by localhost (xenon3.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id zf9y0Ivs05-W; Tue, 20 Jan 2009 19:16:25 +0100 (CET) Received: from inf-205-84.um.es (inf-205-84.um.es [155.54.205.84]) (Authenticated sender: rafa) by xenon3.um.es (Postfix) with ESMTP id 1367E44105; Tue, 20 Jan 2009 19:16:24 +0100 (CET) Message-ID: <497614F8.8060905@um.es> Date: Tue, 20 Jan 2009 19:16:24 +0100 From: Rafa Marin Lopez User-Agent: Thunderbird 2.0.0.19 (Macintosh/20081209) MIME-Version: 1.0 To: Yoshihiro Ohba References: <4974AC91.4000903@um.es> <20090119231351.GJ14492@steelhead.localdomain> In-Reply-To: <20090119231351.GJ14492@steelhead.localdomain> Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Yoshi, thanks for the answers. Please see inline. >> [Rafa] I believe that an explanation of "access network" and "AAA >> domain" might be added here and also in the terminology section. >> > > I think these terms are popularly used in many documents and I don't > think we need to define them in this document. > [Rafa] OK. > > > How about this? > > "Serving Network: The access network that is currently providing > network access to the PaC." > [Rafa] OK. > I agree. In response to Alper's comment, I explained it is meant > to indicate a state of the PANA session. How about changing them to: > > " > Pre-authorization state: A state to represent an established PANA > session between a PaC and its CPAA. > > Post-authorization state: A state to represent an established PANA > session between the PaC and its SPAA. > " > > [Rafa] How about ? Pre-authorization state: The PANA SA state that represents an established PANA session between a PaC and its CPAA. Post-authorization state: The PANA SA state that represents an established PANA session between the PaC and its SPAA. >> 3. Pre-authentication Procedure >> >> A PaC that supports pre-authentication may establish a PANA session >> for each CPAA. >> >> There may be several mechanisms for a PaC and a CPAA to discover each >> other. However, such mechanisms are out of the scope of this >> document. >> >> There may be a number of criteria for CPAA selection, the timing to >> start pre-authentication and the timing to make a pre-authorization >> SA a post-authorization SA (and hence the CPAA becomes the SPAA). >> >> [Rafa] This text may need to be revised if previous comment is accepted. >> > > Yes. s/pre-authentication SA/pre-authentication state/. > s/post-authentication SA/post-authentication state/. > > >> >> >> When a CPAA with which the PaC has a pre-authorization SA becomes the >> SPAA due to, e.g., movement of the PaC, the PaC performs an IP >> address update procedure defined in Section 5.6 of [RFC5191] in order >> to update the SPAA with the PaC's new address obtained from the new >> serving network. PANA-Notification-Request (PNR) and PANA- >> Notification-Answer (PNA) messages with 'P' (Ping) bit set are used >> for this purpose. The completion of the IP address update procedure >> will change the pre-authorization SA to a post-authorization SA. In >> this case, the 'E' MUST NOT be set in the PNR and PNA messages and >> subsequent PANA messages. >> >> If there is another CPAA with which the PaC has a pre-authorization >> SA and the PaC wants to keep the pre-authorization SA after the >> change of SPAA, the PaC also performs an IP address update procedure >> defined in Section 5.6 of [RFC5191] in order to update the CPAA with >> the PaC's new address. PNR and PNA messages with 'P' (Ping) bit set >> is used for this purpose. In this case, the 'E' (prE-authentication) >> bit MUST be set in the PNR and PNA messages and subsequent PANA >> messages. The IP address update procedure with the CPAA will not >> change the pre-authorization SA to a post-authorization SA. >> >> [Rafa] Let me understand this. It seems you're describing here two >> alternatives. Either you update the PANA SA (with the CPAA) AFTER the >> movement (PNR-PNA without E bit set) or BEFORE the movement (PNR-PNA >> with E bit set). Is that correct?. >> > > No, both of two operation happens after the movement. The difference > between the two operation is that the first paragraph describes the IP > address update procedure when CPAA changes to SPAA after the movement. > The second paragraph describes the IP address update procedure when > CPAA is still CPAA after the movement. > [Rafa] Oh I see. I understand. However, in that case, I am assuming that the PANA SA of a CPAA should be updated whenever a PaC's IP address change happens and the CPAA is still a CPAA, even when the SPAA remains the same, right?. This would mean that the paragraph: "If there is another CPAA with which the PaC has a pre-authorization SA and the PaC wants to keep the pre-authorization SA after the change of SPAA..." should read "If there is another CPAA with which the PaC has a pre-authorization SA and the PaC wants to keep the pre-authorization SA after a change of PaC's IP address in the serving network..." what do you think? >> >> [Rafa]. Fig 1 and Fig. 2 are rather similar except for >> pre-authentication trigger and the PCI, right? >> Maybe an unified figure could be better or simplify one of them. >> > > I think merging the two figures become complicated... > [Rafa] Ok, no problem. >> >> >> 6. Security Considerations >> >> Since the mechanism described in this document is designed to work >> across multiple access networks, each EP in the serving network >> SHOULD be configured to allow PANA messages to be forwarded between a >> PaC and a CPAA only if the PaC has a post-authorization SA with the >> SPAA in order to avoid an unauthorized PaC to initiate pre- >> authentication. >> >> [Rafa] I think I have a similar comment as Alper's. Since PANA works >> over UDP, if the EP in the serving network is configured to allow IP >> traffic to that PaC, why should we restrict the PaC to send PANA >> pre-authentication messages to other CPAA? Or in other words, why should >> we relay in the SPAA (that could belongs to a different domain than >> CPAA) to enforce this?. >> > > I agree, and revised text is proposed in response to Alper's comment. > [Rafa] Ok. I just read it. It is fine for me. Thanks. -- ------------------------------------------------------ Rafael Marin Lopez Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34968398501 e-mail: rafa@um.es ------------------------------------------------------ _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 20 11:07:35 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 68BAE3A6BC6; Tue, 20 Jan 2009 11:07:35 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7B9F63A6BC6 for ; Tue, 20 Jan 2009 11:07:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.487 X-Spam-Level: X-Spam-Status: No, score=-2.487 tagged_above=-999 required=5 tests=[AWL=0.112, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T8x23MsJU6VV for ; Tue, 20 Jan 2009 11:07:33 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 777243A6982 for ; Tue, 20 Jan 2009 11:07:33 -0800 (PST) Received: from steelhead.localdomain (ns.tari.toshiba.com [172.30.24.10]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0KJ4LAH006952; Tue, 20 Jan 2009 14:04:21 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LPLdm-0005nU-Hg; Tue, 20 Jan 2009 13:47:58 -0500 Date: Tue, 20 Jan 2009 13:47:58 -0500 From: Yoshihiro Ohba To: Rafa Marin Lopez Message-ID: <20090120184758.GG19876@steelhead.localdomain> References: <4974AC91.4000903@um.es> <20090119231351.GJ14492@steelhead.localdomain> <497614F8.8060905@um.es> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <497614F8.8060905@um.es> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Rafa, On Tue, Jan 20, 2009 at 07:16:24PM +0100, Rafa Marin Lopez wrote: (snip) >> I agree. In response to Alper's comment, I explained it is meant to >> indicate a state of the PANA session. How about changing them to: >> >> " >> Pre-authorization state: A state to represent an established PANA >> session between a PaC and its CPAA. >> >> Post-authorization state: A state to represent an established PANA >> session between the PaC and its SPAA. >> " >> >> > [Rafa] How about ? > > Pre-authorization state: The PANA SA state that represents an established PANA > session between a PaC and its CPAA. > > Post-authorization state: The PANA SA state that represents an established PANA > session between the PaC and its SPAA. The difference between yours and mine is basically whether the "state" is in terms of a PANA SA or a PANA session. Given that any state belongs to a PANA session, it should be sufficient to describe the "state" here in terms of a PANA session, IMO. >> >> No, both of two operation happens after the movement. The difference >> between the two operation is that the first paragraph describes the IP >> address update procedure when CPAA changes to SPAA after the movement. >> The second paragraph describes the IP address update procedure when >> CPAA is still CPAA after the movement. >> > [Rafa] Oh I see. I understand. However, in that case, I am assuming that > the PANA SA of a CPAA should be updated whenever a PaC's IP address > change happens and the CPAA is still a CPAA, even when the SPAA remains > the same, right?. Yes, you are right. > > This would mean that the paragraph: > > "If there is another CPAA with which the PaC has a pre-authorization SA > and the PaC wants to keep the pre-authorization SA after the change of > SPAA..." > > should read > > "If there is another CPAA with which the PaC has a pre-authorization SA > and the PaC wants to keep the pre-authorization SA after a change of > PaC's IP address in the serving network..." I agree with your suggested text since it also covers the case of IP address change without chaning SPAA. Thanks, Yoshihiro Ohba _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 20 11:17:41 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0B8143A6AE9; Tue, 20 Jan 2009 11:17:41 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A8E33A6AE9 for ; Tue, 20 Jan 2009 11:17:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.316 X-Spam-Level: X-Spam-Status: No, score=-4.316 tagged_above=-999 required=5 tests=[AWL=-1.067, BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7Rl4QjztmrRL for ; Tue, 20 Jan 2009 11:17:38 -0800 (PST) Received: from p-mail2.rd.francetelecom.com (p-mail2.rd.francetelecom.com [195.101.245.16]) by core3.amsl.com (Postfix) with ESMTP id 15D653A680D for ; Tue, 20 Jan 2009 11:17:37 -0800 (PST) Received: from FTRDMEL2.rd.francetelecom.fr ([10.193.117.153]) by ftrdsmtp2.rd.francetelecom.fr with Microsoft SMTPSVC(6.0.3790.3959); Tue, 20 Jan 2009 20:17:18 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Tue, 20 Jan 2009 20:17:17 +0100 Message-ID: <7DBAFEC6A76F3E42817DF1EBE64CB02606293604@ftrdmel2> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Pana] Review of draft-ietf-pana-preauth-04.txt Thread-Index: Acl7M7UAiCjGQ76UQnmUA50y666LxQ== From: To: X-OriginalArrivalTime: 20 Jan 2009 19:17:18.0358 (UTC) FILETIME=[B5FD1360:01C97B33] Cc: pana@ietf.org Subject: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi All, = Here is my review of the draft. I'm sorry but I haven't read yet the current exchange on this topic on the = mailing list. Therefore, most of my comments are maybe already covered by previous review= s. BR, Lionel *********************************** General comment: The document is quite in a good shape but some key points should clarify in= order to understand the purpose of this document. *********************************** Abstract This document defines an extension to the Protocol for carrying Authentication for Network Access (PANA) for proactively establishing a PANA SA (Security Association) between a PaC in one access network and a PAA in another access network to which the PaC may move. The proposed method operates across multiple administrative domains. [LM] I would avoid the use of too many acronyms in the abstract. Proposed change: "This document defines an extension to the Protocol for carrying Authentication for Network Access (PANA) for proactively establishing a PANA s=E9curity association between a PANA Client in one access network and a PANA Authentication Agent in another access network to which the = PANA Client may move. The proposed method operates across multiple administrative domains." 1. Introduction The Protocol for carrying Authentication for Network Access (PANA) [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA (PANA Authentication Agent) in the access network. If the PaC is a mobile device and is capable of moving one access network to another while running its applications, it is critical for the PaC to perform a handover seamlessly without degrading the performance of the applications during the handover period. When the handover requires the PaC to establish a PANA session with the PAA in the new access network, the signaling to establish the PANA session should be completed as fast as possible. This document defines an extension to the PANA protocol [RFC5191] used for proactively executing EAP authentication and establishing a PANA SA (Security Association) between a PaC in an access network and a PAA in another access network to which the PaC may move. The proposed method operates across multiple AAA domains. The extension to the PANA protocol is designed to realize direct pre-authentication defined in [I-D.ietf-hokey-preauth-ps]. [LM] the multiple AAA domains case is not described in the document. 2. Terminogy The following terms are used in this document in addition to the terms defined in [RFC5191]. Serving PAA (SPAA): A PAA that resides in the serving network and provides network access authentication for a particular PaC. For simplicity, this document assumes that there is only one SPAA in the serving network while the pre-authentication mechanism described in this document is generally applicable to the case where there are two or more SPAAs in the serving network. Candidate PAA (CPAA): A PAA that resides in a candidate network to which the PaC may move. A CPAA for a particular PaC may be a SPAA for another PaC. [LM] as you said, SPAA and CPAA are not tight to the notion of network but = to the relationship with the PaC. Why do not simply define SPAA as the current PAA having an PANA SA with the= PaC and the CPAA as the new PAA with which an SA needs to be established? Pre-authentication: Pre-authentication refers to EAP pre- authentication and defined as the utilization of EAP to pre- establish EAP keying material on an authenticator prior to arrival of the peer at the access network served by that authenticator [I-D.ietf-hokey-preauth-ps]. In this draft, EAP pre- authentication is performed between a PaC and a CPAA. Pre-authorization: An authorization for a PaC, made by a CPAA for the PaC at the time of pre-authentication. Post-authorization: An authorization for a PaC, made by a CPAA for the PaC when the CPAA becomes the SPAA for the PaC. Pre-authorization SA: A PANA SA established between a PaC and its CPAA. [LM] Why do not use Pre-PANA SA in that case? But see my comment below abou= t Pre-/Post-PANA SA Post-authorization SA: A PANA SA established between the PaC and its SPAA. [LM] Why do not use Post-PANA SA in that case? But see my comment below abo= ut Pre-/Post-PANA SA 3. Pre-authentication Procedure A PaC that supports pre-authentication may establish a PANA session for each CPAA. There may be several mechanisms for a PaC and a CPAA to discover each other. However, such mechanisms are out of the scope of this document. [LM] If possible, it would be maybe useful to provide at least one non-norm= ative example for illustration. There may be a number of criteria for CPAA selection, the timing to start pre-authentication and the timing to make a pre-authorization SA a post-authorization SA (and hence the CPAA becomes the SPAA). Such criteria can be implementation specific and thus are outside the scope of this document. Pre-authentication may be initiated by both a PaC and a CPAA. A new 'E' (prE-authentication) bit is defined in the PANA header. When pre-authentication is performed, the 'E' (prE-authentication) bit of PANA messages are set in order to indicate whether this PANA run is for pre-authentication. Use of pre-authentication is negotiated as follows. o When a PaC initiates pre-authentication, it sends a PANA-Client- Initiation (PCI) message with the 'E' (prE-authentication) bit set. The PCI message MUST be unicast. The CPAA responds with a PANA-Auth-Request (PAR) message with the 'S' (Start) and 'E' (prE- authentication) bits set only if it supports pre-authentication. Otherwise, it MUST silently discard the message. [LM] The PCI message MUST be unicast to the CPAA. o When a CPAA initiates pre-authentication, it sends a PAR message with the 'S' (Start) and 'E' (prE-authentication) bits set. The PaC responds with a PANA-Auth-Answer (PAN) message with the 'S' (Start) and 'E' (prE-authentication) bits set only if it supports pre-authentication. Otherwise, it MUST silently discard the message. [LM] I assume that the PAR is unicast to the PaC... o Once the PaC and CPAA have agreed on performing pre-authentication using the 'S' (Start) and 'E' (prE-authentication) bits, the subsequent PANA messages exchanged between them MUST have the 'E' (prE-authentication) bit set. [LM] It could be useful to add here that this procedure can be performed wi= th several CPAAs. [LM] it could be also useful to say that the rest of the PANA exchange if f= or establishing the pre-PANA SA. [LM] Is it assumed that the pre-PANA SA is established as new basic PANA SA= ? Basically, it would imply that the PaC is handling simultaneous PANA SA b= inding. and there is no pre- and Post-PANA SA, only multiple PANA SAs with = several PAA. Both should be clarified in the procedure description. When a CPAA with which the PaC has a pre-authorization SA becomes the SPAA due to, e.g., movement of the PaC, the PaC performs an IP address update procedure defined in Section 5.6 of [RFC5191] in order to update the SPAA with the PaC's new address obtained from the new serving network. PANA-Notification-Request (PNR) and PANA- Notification-Answer (PNA) messages with 'P' (Ping) bit set are used for this purpose. The completion of the IP address update procedure will change the pre-authorization SA to a post-authorization SA. In this case, the 'E' MUST NOT be set in the PNR and PNA messages and subsequent PANA messages. [Skip] 4. PANA Extensions A new 'E' (prE-authentication) bit is defined in Flags field of PANA header as follows. 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |R S C A P I E r r r r r r r r r| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ E(PrE-authentication) When pre-authentication is performed, the 'E' (prE-authentication) bit of PANA messages are set in order to indicate whether this PANA run is for establishing a pre- authorization SA. The exact usage of this bit is described in Section 3. This bit is to be assigned by IANA. [LM] Even if everything is described in the section 3, it could also useful= to add a specific section describing backward compatibility handling. 5. Authorization and Accounting Considerations A pre-authorization and a post-authorization for the PaC may have different authorization policies. For example, the pre-authorization policy may not allow the PaC to sent or receive packets through an [LM] s/sent/send Enforcement Point (EP) that is under control of the CPAA, while both the pre-authorization and post-authorization policies may allow installing credentials to the EP, where the credentials are used for establishing a security association for per-packet cryptographic filtering. In an access network where accounting is performed, accounting starts when the pre-authorization SA becomes the post-authorization SA by default. Depending on the pre-authorization policy, accounting may start immediately after the pre-authorization SA is established. 6. Security Considerations Since the mechanism described in this document is designed to work across multiple access networks, each EP in the serving network SHOULD be configured to allow PANA messages to be forwarded between a PaC and a CPAA only if the PaC has a post-authorization SA with the SPAA in order to avoid an unauthorized PaC to initiate pre- authentication. Also, each access network that supports pre- authentication SHOULD block pre-authentication attempts from networks from which a handover is not likely to occur. [LM] If you have multiple networks between the PaC and the CPAA, how do kno= w that you have to block this request? Maybe this question on blocking requ= ests from external networks shoul be out of scope as well. When pre-authentication is initiated by a CPAA, it is possible that the PaC simultaneously communicates with multiple CPAAs initiating pre-authentication. In order to avoid possible resource consumption attacks on the PaC caused by a blind attacker initiating pre- authentication for the PaC by changing source addresses, the PaC SHOULD limit the maximum number of CPAAs allowed to communicate. The pre-authentication mechanism defined in this document does not have an issue on context binding in which link-layer independent context carried over pre-authentication signaling is bound to the link-layer specific context [I-D.ietf-hokey-preauth-ps], because the same EAP transport protocol (i.e., PANA) is used for normal authentication and pre-authentication in the candidate network. [end of my comment] _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 20 11:45:23 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E531428C0FE; Tue, 20 Jan 2009 11:45:23 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 275F228C0FE for ; Tue, 20 Jan 2009 11:45:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oMUwmxCIRO9V for ; Tue, 20 Jan 2009 11:45:21 -0800 (PST) Received: from xenon3.um.es (xenon3.um.es [155.54.212.163]) by core3.amsl.com (Postfix) with ESMTP id 0715A28C0FB for ; Tue, 20 Jan 2009 11:45:19 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by xenon3.um.es (Postfix) with ESMTP id AF09A4401B; Tue, 20 Jan 2009 20:45:02 +0100 (CET) X-Virus-Scanned: by amavisd-new-2.4.2 (20060627) (Debian) at xenon3.telemat.um.es Received: from xenon3.um.es ([127.0.0.1]) by localhost (xenon3.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 83hffoAvrAyK; Tue, 20 Jan 2009 20:45:02 +0100 (CET) Received: from inf-205-84.um.es (inf-205-84.um.es [155.54.205.84]) (Authenticated sender: rafa) by xenon3.um.es (Postfix) with ESMTP id 45C1644070; Tue, 20 Jan 2009 20:45:01 +0100 (CET) Message-ID: <497629BD.8060200@um.es> Date: Tue, 20 Jan 2009 20:45:01 +0100 From: Rafa Marin Lopez User-Agent: Thunderbird 2.0.0.19 (Macintosh/20081209) MIME-Version: 1.0 To: Yoshihiro Ohba References: <4974AC91.4000903@um.es> <20090119231351.GJ14492@steelhead.localdomain> <497614F8.8060905@um.es> <20090120184758.GG19876@steelhead.localdomain> In-Reply-To: <20090120184758.GG19876@steelhead.localdomain> Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Yoshi > > The difference between yours and mine is basically whether the "state" > is in terms of a PANA SA or a PANA session. Given that any state > belongs to a PANA session, it should be sufficient to describe the > "state" here in terms of a PANA session, IMO. > [Rafa] That's ok for me. >> "If there is another CPAA with which the PaC has a pre-authorization SA >> and the PaC wants to keep the pre-authorization SA after the change of >> SPAA..." >> >> should read >> >> "If there is another CPAA with which the PaC has a pre-authorization SA >> and the PaC wants to keep the pre-authorization SA after a change of >> PaC's IP address in the serving network..." >> > > I agree with your suggested text since it also covers the case of IP > address change without chaning SPAA. > [Rafa] Ok, perfect. Thanks. > Thanks, > Yoshihiro Ohba > > -- ------------------------------------------------------ Rafael Marin Lopez Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34968398501 e-mail: rafa@um.es ------------------------------------------------------ _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 20 13:26:12 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3768F3A68B4; Tue, 20 Jan 2009 13:26:12 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1C3F53A67C1 for ; Tue, 20 Jan 2009 13:26:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.288 X-Spam-Level: X-Spam-Status: No, score=-2.288 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HOST_MISMATCH_COM=0.311] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oGJS+EuKFwgh for ; Tue, 20 Jan 2009 13:26:10 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 16F483A6893 for ; Tue, 20 Jan 2009 13:26:09 -0800 (PST) Received: from [127.0.0.1] (mgw.toshibaamericaresearch.com [165.254.55.12]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0KLMxOk008149 for ; Tue, 20 Jan 2009 16:23:01 -0500 (EST) (envelope-from vfajardo@tari.toshiba.com) Message-ID: <4976415B.2060404@tari.toshiba.com> Date: Tue, 20 Jan 2009 16:25:47 -0500 From: Victor Fajardo User-Agent: Icedove 1.5.0.14eol (X11/20090105) MIME-Version: 1.0 To: "pana@ietf.org" Subject: [Pana] Review of draft-ietf-pana-preauth-04 X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi all, The document is in good shape. I just have a few minor comments inline: 3. Pre-authentication Procedure A PaC that supports pre-authentication may establish a PANA session for each CPAA. [Victor: /for each CPAA/for each CPAA in the domain that it intends to move to./s] There may be a number of criteria for CPAA selection, the timing to start pre-authentication and the timing to make a pre-authorization SA a post-authorization SA (and hence the CPAA becomes the SPAA). Such criteria can be implementation specific and thus are outside the scope of this document. [Victor: Is the paragraph describing the scenario where pre-authz may not yet be complete before handover occurs ? and therefore it should select the CPAA carefully ? ] o Once the PaC and CPAA have agreed on performing pre-authentication using the 'S' (Start) and 'E' (prE-authentication) bits, the subsequent PANA messages exchanged between them MUST have the 'E' (prE-authentication) bit set. [Victor: Does this also include Re-Authentication between PaC and CPAA (in case re-authentication occurs before handover ?] If there is another CPAA with which the PaC has a pre-authorization SA and the PaC wants to keep the pre-authorization SA after the change of SPAA, the PaC also performs an IP address update procedure [Victor: /the PaC also performs/the PaC may also preform/s] 5. Authorization and Accounting Considerations A pre-authorization and a post-authorization for the PaC may have different authorization policies. For example, the pre-authorization policy may not allow the PaC to sent or receive packets through an [Victor: Is it better to say: s/sent or receive packets/send or receive data packets/, so as not to include PANA messages in the EP filter ?] Enforcement Point (EP) that is under control of the CPAA, while both the pre-authorization and post-authorization policies may allow installing credentials to the EP, where the credentials are used for establishing a security association for per-packet cryptographic filtering. In an access network where accounting is performed, accounting starts when the pre-authorization SA becomes the post-authorization SA by default. Depending on the pre-authorization policy, accounting may [Victor: s/Depending on/However, depending on/ start immediately after the pre-authorization SA is established. When pre-authentication is initiated by a CPAA, it is possible that the PaC simultaneously communicates with multiple CPAAs initiating pre-authentication. In order to avoid possible resource consumption attacks on the PaC caused by a blind attacker initiating pre- authentication for the PaC by changing source addresses, the PaC SHOULD limit the maximum number of CPAAs allowed to communicate. [Victor: Would it also be useful to mention that such an attack is possible on the CPAA side ?] regards, victor _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 20 16:07:02 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9FFB93A6887; Tue, 20 Jan 2009 16:07:02 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 46A0A3A6887; Tue, 20 Jan 2009 16:07:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.572 X-Spam-Level: X-Spam-Status: No, score=-6.572 tagged_above=-999 required=5 tests=[AWL=0.027, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ju46HKXIOhsq; Tue, 20 Jan 2009 16:06:56 -0800 (PST) Received: from imr2.ericy.com (imr2.ericy.com [198.24.6.3]) by core3.amsl.com (Postfix) with ESMTP id 737BA3A6822; Tue, 20 Jan 2009 16:06:56 -0800 (PST) Received: from eusrcmw751.eamcs.ericsson.se (eusrcmw751.exu.ericsson.se [138.85.77.51]) by imr2.ericy.com (8.13.1/8.13.1) with ESMTP id n0L06VG4019881; Tue, 20 Jan 2009 18:06:38 -0600 Received: from eusrcmw750.eamcs.ericsson.se ([138.85.77.50]) by eusrcmw751.eamcs.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Tue, 20 Jan 2009 18:06:31 -0600 Received: from [142.133.10.113] ([142.133.10.113]) by eusrcmw750.eamcs.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Tue, 20 Jan 2009 18:06:31 -0600 Message-ID: <497666CD.4090700@ericsson.com> Date: Tue, 20 Jan 2009 19:05:33 -0500 From: Suresh Krishnan User-Agent: Thunderbird 2.0.0.19 (X11/20090105) MIME-Version: 1.0 To: Victor Fajardo References: <20090120180001.32CBF3A69D3@core3.amsl.com> <4976125E.1010506@tari.toshiba.com> In-Reply-To: <4976125E.1010506@tari.toshiba.com> X-OriginalArrivalTime: 21 Jan 2009 00:06:31.0407 (UTC) FILETIME=[1D3637F0:01C97B5C] Cc: i-d-announce@ietf.org, Internet-Drafts@ietf.org, pana@ietf.org Subject: Re: [Pana] I-D Action:draft-ietf-pana-statemachine-09.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Victor, Thanks for the quick response. Your changes address all my comments. Regards Suresh Victor Fajardo wrote: > Hi, > > This rev should incorporate Suresh's comments. > > regards, > victor >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Protocol for carrying Authentication >> for Network Access Working Group of the IETF. >> >> >> Title : State Machines for Protocol for Carrying >> Authentication for Network Access (PANA) >> Author(s) : V. Fajardo, et al. >> Filename : draft-ietf-pana-statemachine-09.txt >> Pages : 37 >> Date : 2009-01-20 >> >> This document defines the conceptual state machines for the Protocol >> for Carrying Authentication for Network Access (PANA). The state >> machines consist of the PANA Client (PaC) state machine and the PANA >> Authentication Agent (PAA) state machine. The two state machines >> show how PANA can interface with the EAP state machines. The state >> machines and associated model are informative only. Implementations >> may achieve the same results using different methods. >> >> A URL for this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-ietf-pana-statemachine-09.txt >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> Below is the data which will enable a MIME compliant mail reader >> implementation to automatically retrieve the ASCII version of the >> Internet-Draft. >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Pana mailing list >> Pana@ietf.org >> https://www.ietf.org/mailman/listinfo/pana >> > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From mccollumaraccident@alkhorayef.com Tue Jan 20 19:33:40 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ECEFB3A6A0C for ; Tue, 20 Jan 2009 19:33:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -31.737 X-Spam-Level: X-Spam-Status: No, score=-31.737 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, HOST_EQ_STATIC=1.172, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ATHtyV8fbuB7 for ; Tue, 20 Jan 2009 19:33:34 -0800 (PST) Received: from 60-242-206-175.static.tpgi.com.au (60-242-206-175.static.tpgi.com.au [60.242.206.175]) by core3.amsl.com (Postfix) with SMTP id 7B6CC3A69D6 for ; Tue, 20 Jan 2009 19:33:32 -0800 (PST) To: Subject: Great Finds From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090121033333.7B6CC3A69D6@core3.amsl.com> Date: Tue, 20 Jan 2009 19:33:32 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.harmonydrive.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://harmonydrive.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 0, B333. 879 Clements Road. London. SE50 0DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From llew@affinityads.com Tue Jan 20 21:29:01 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4C51E3A6917 for ; Tue, 20 Jan 2009 21:29:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.938 X-Spam-Level: X-Spam-Status: No, score=-12.938 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I-MSF55KcX6h for ; Tue, 20 Jan 2009 21:28:54 -0800 (PST) Received: from fw02.jucemg.mg.gov.br (fw02.jucemg.mg.gov.br [200.198.42.138]) by core3.amsl.com (Postfix) with SMTP id 6429E3A68B5 for ; Tue, 20 Jan 2009 21:28:52 -0800 (PST) To: Subject: Re: BRANDKEYWORD, Ltd From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090121052853.6429E3A68B5@core3.amsl.com> Date: Tue, 20 Jan 2009 21:28:52 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Not see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.ofpitch.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://methoddegree.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 1, B576. 512 Clements Road. London. SE61 7DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From hr@aidscommunityresources.com Tue Jan 20 23:00:33 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8AF4F3A67CC; Tue, 20 Jan 2009 23:00:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -53.874 X-Spam-Level: X-Spam-Status: No, score=-53.874 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, RELAY_IS_222=2.179, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cy4WTn-B7smx; Tue, 20 Jan 2009 23:00:32 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (unknown [222.253.222.79]) by core3.amsl.com (Postfix) with SMTP id A791D3A6A1A; Tue, 20 Jan 2009 22:59:58 -0800 (PST) X-Originating-IP: 24.154.232.104 by smtp.212.95.32.105; Wed, 21 Jan 2009 00:56:32 -0600 Message-ID: Subject: Get your Cartier watch now Date: Wed, 21 Jan 2009 02:02:32 -0500 From: "Ahmad Guy" To: "Eddy Dugan" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Eddy, If you've waited to get your Tag Heuer watch, this is the right time to go for it. http://alexanderlkv.obxhost.net Take an extra 15% off your purchase during month of January (2009). http://alexanderlkv.obxhost.net Our Tag Heuer watches have perfect weight and feel same as orginal. Sincerely, Mr Dugan From pana-bounces@ietf.org Wed Jan 21 09:31:59 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C9F2728C1F6; Wed, 21 Jan 2009 09:31:59 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2ABD528C213 for ; Wed, 21 Jan 2009 09:31:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.493 X-Spam-Level: X-Spam-Status: No, score=-2.493 tagged_above=-999 required=5 tests=[AWL=0.106, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t3uHkAXch7-B for ; Wed, 21 Jan 2009 09:31:57 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 55F2328C1F6 for ; Wed, 21 Jan 2009 09:31:57 -0800 (PST) Received: from steelhead.localdomain (home.tari.toshiba.com [172.30.24.10]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0LHSlIR018250; Wed, 21 Jan 2009 12:28:48 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LPghU-0007g7-3f; Wed, 21 Jan 2009 12:17:12 -0500 Date: Wed, 21 Jan 2009 12:17:12 -0500 From: Yoshihiro Ohba To: lionel.morand@orange-ftgroup.com Message-ID: <20090121171712.GD28667@steelhead.localdomain> References: <7DBAFEC6A76F3E42817DF1EBE64CB02606293604@ftrdmel2> MIME-Version: 1.0 In-Reply-To: <7DBAFEC6A76F3E42817DF1EBE64CB02606293604@ftrdmel2> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1316055887==" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org --===============1316055887== Content-Disposition: inline Content-Type: text/plain; charset="iso-2022-jp" Hi Lionel, Thank you very much for your review. Please see my comments below. On Tue, Jan 20, 2009 at 08:17:17PM +0100, lionel.morand@orange-ftgroup.com wrote: > Hi All, > > Here is my review of the draft. > I'm sorry but I haven't read yet the current exchange on this topic on the mailing list. > Therefore, most of my comments are maybe already covered by previous reviews. > > BR, > > Lionel > > *********************************** > > General comment: > > The document is quite in a good shape but some key points should clarify in order to understand the purpose of this document. > > *********************************** > > Abstract > > This document defines an extension to the Protocol for carrying > Authentication for Network Access (PANA) for proactively establishing > a PANA SA (Security Association) between a PaC in one access network > and a PAA in another access network to which the PaC may move. The > proposed method operates across multiple administrative domains. > > [LM] I would avoid the use of too many acronyms in the abstract. > Proposed change: > > "This document defines an extension to the Protocol for carrying > Authentication for Network Access (PANA) for proactively establishing > a PANA scurity association between a PANA Client in one access network > and a PANA Authentication Agent in another access network to which the > PANA Client may move. The proposed method operates across multiple > administrative domains." I agree. > > > 1. Introduction > > The Protocol for carrying Authentication for Network Access (PANA) > [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA > (PANA Authentication Agent) in the access network. If the PaC is a > mobile device and is capable of moving one access network to another > while running its applications, it is critical for the PaC to perform > a handover seamlessly without degrading the performance of the > applications during the handover period. When the handover requires > the PaC to establish a PANA session with the PAA in the new access > network, the signaling to establish the PANA session should be > completed as fast as possible. > > This document defines an extension to the PANA protocol [RFC5191] > used for proactively executing EAP authentication and establishing a > PANA SA (Security Association) between a PaC in an access network and > a PAA in another access network to which the PaC may move. The > proposed method operates across multiple AAA domains. The extension > to the PANA protocol is designed to realize direct pre-authentication > defined in [I-D.ietf-hokey-preauth-ps]. > > [LM] the multiple AAA domains case is not described in the document. We can delete the sentence "The proposed method operates across multiple AAA domains." > > > 2. Terminogy > > The following terms are used in this document in addition to the > terms defined in [RFC5191]. > > Serving PAA (SPAA): A PAA that resides in the serving network and > provides network access authentication for a particular PaC. For > simplicity, this document assumes that there is only one SPAA in > the serving network while the pre-authentication mechanism > described in this document is generally applicable to the case > where there are two or more SPAAs in the serving network. > > Candidate PAA (CPAA): A PAA that resides in a candidate network to > which the PaC may move. A CPAA for a particular PaC may be a SPAA > for another PaC. > > [LM] as you said, SPAA and CPAA are not tight to the notion of network but to the relationship with the PaC. > Why do not simply define SPAA as the current PAA having an PANA SA with the PaC and the CPAA as the new PAA with which an SA needs to be established? That is because even after a PANA SA is established with the CPAA, the PaC may hold the SA without moving to the access network of the CPAA, and the CPAA with the established PANA SA still needs to be distinguished from the SPAA. > > > Pre-authentication: Pre-authentication refers to EAP pre- > authentication and defined as the utilization of EAP to pre- > establish EAP keying material on an authenticator prior to arrival > of the peer at the access network served by that authenticator > [I-D.ietf-hokey-preauth-ps]. In this draft, EAP pre- > authentication is performed between a PaC and a CPAA. > > Pre-authorization: An authorization for a PaC, made by a CPAA for > the PaC at the time of pre-authentication. > > Post-authorization: An authorization for a PaC, made by a CPAA for > the PaC when the CPAA becomes the SPAA for the PaC. > > Pre-authorization SA: A PANA SA established between a PaC and its > CPAA. > > [LM] Why do not use Pre-PANA SA in that case? But see my comment below about Pre-/Post-PANA SA > > Post-authorization SA: A PANA SA established between the PaC and its > SPAA. > > [LM] Why do not use Post-PANA SA in that case? But see my comment below about Pre-/Post-PANA SA Please see my comment below. > > > 3. Pre-authentication Procedure > > A PaC that supports pre-authentication may establish a PANA session > for each CPAA. > > There may be several mechanisms for a PaC and a CPAA to discover each > other. However, such mechanisms are out of the scope of this > document. > > [LM] If possible, it would be maybe useful to provide at least one non-normative example for illustration. I am afraid if we described non-normative text for out-of-scope things, then people may say delete it. > > There may be a number of criteria for CPAA selection, the timing to > start pre-authentication and the timing to make a pre-authorization > SA a post-authorization SA (and hence the CPAA becomes the SPAA). > Such criteria can be implementation specific and thus are outside the > scope of this document. > > Pre-authentication may be initiated by both a PaC and a CPAA. A new > 'E' (prE-authentication) bit is defined in the PANA header. When > pre-authentication is performed, the 'E' (prE-authentication) bit of > PANA messages are set in order to indicate whether this PANA run is > for pre-authentication. Use of pre-authentication is negotiated as > follows. > > o When a PaC initiates pre-authentication, it sends a PANA-Client- > Initiation (PCI) message with the 'E' (prE-authentication) bit > set. The PCI message MUST be unicast. The CPAA responds with a > PANA-Auth-Request (PAR) message with the 'S' (Start) and 'E' (prE- > authentication) bits set only if it supports pre-authentication. > Otherwise, it MUST silently discard the message. > > [LM] The PCI message MUST be unicast to the CPAA. Alper had a comment to delete "The PCI message MUST be unicast." > > o When a CPAA initiates pre-authentication, it sends a PAR message > with the 'S' (Start) and 'E' (prE-authentication) bits set. The > PaC responds with a PANA-Auth-Answer (PAN) message with the 'S' > (Start) and 'E' (prE-authentication) bits set only if it supports > pre-authentication. Otherwise, it MUST silently discard the > message. > > [LM] I assume that the PAR is unicast to the PaC... Yes. > > o Once the PaC and CPAA have agreed on performing pre-authentication > using the 'S' (Start) and 'E' (prE-authentication) bits, the > subsequent PANA messages exchanged between them MUST have the 'E' > (prE-authentication) bit set. > > [LM] It could be useful to add here that this procedure can be performed with several CPAAs. I agree. > [LM] it could be also useful to say that the rest of the PANA exchange if for establishing the pre-PANA SA. I agree. > [LM] Is it assumed that the pre-PANA SA is established as new basic PANA SA? Basically, it would imply that the PaC is handling simultaneous PANA SA binding. and there is no pre- and Post-PANA SA, only multiple PANA SAs with several PAA. Both should be clarified in the procedure description. I agree. Basically this issue is the same as the one Alper and Rafa raised. We are trying to address the issue by replacing pre-authorization SA and post-authorization SA with pre-authorization state and post-authorization state, respectively. > > When a CPAA with which the PaC has a pre-authorization SA becomes the > SPAA due to, e.g., movement of the PaC, the PaC performs an IP > address update procedure defined in Section 5.6 of [RFC5191] in order > to update the SPAA with the PaC's new address obtained from the new > serving network. PANA-Notification-Request (PNR) and PANA- > Notification-Answer (PNA) messages with 'P' (Ping) bit set are used > for this purpose. The completion of the IP address update procedure > will change the pre-authorization SA to a post-authorization SA. In > this case, the 'E' MUST NOT be set in the PNR and PNA messages and > subsequent PANA messages. > > [Skip] > > > 4. PANA Extensions > > A new 'E' (prE-authentication) bit is defined in Flags field of PANA > header as follows. > > 0 1 > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > |R S C A P I E r r r r r r r r r| > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > > E(PrE-authentication) When pre-authentication is performed, the 'E' > (prE-authentication) bit of PANA messages are set in order to > indicate whether this PANA run is for establishing a pre- > authorization SA. The exact usage of this bit is described in > Section 3. This bit is to be assigned by IANA. > > [LM] Even if everything is described in the section 3, it could also useful to add a specific section describing backward compatibility handling. We can certainly add a new section on backward compatibility handling. > > > 5. Authorization and Accounting Considerations > > A pre-authorization and a post-authorization for the PaC may have > different authorization policies. For example, the pre-authorization > policy may not allow the PaC to sent or receive packets through an > > [LM] s/sent/send OK. > > Enforcement Point (EP) that is under control of the CPAA, while both > the pre-authorization and post-authorization policies may allow > installing credentials to the EP, where the credentials are used for > establishing a security association for per-packet cryptographic > filtering. > > In an access network where accounting is performed, accounting starts > when the pre-authorization SA becomes the post-authorization SA by > default. Depending on the pre-authorization policy, accounting may > start immediately after the pre-authorization SA is established. > > > 6. Security Considerations > > Since the mechanism described in this document is designed to work > across multiple access networks, each EP in the serving network > SHOULD be configured to allow PANA messages to be forwarded between a > PaC and a CPAA only if the PaC has a post-authorization SA with the > SPAA in order to avoid an unauthorized PaC to initiate pre- > authentication. Also, each access network that supports pre- > authentication SHOULD block pre-authentication attempts from networks > from which a handover is not likely to occur. > > [LM] If you have multiple networks between the PaC and the CPAA, how do know that you have to block this request? Maybe this question on blocking requests from external networks shoul be out of scope as well. This issue was also raised by Alper and Rafa, and revised text has been proposed in response to Alper's email. Thank you, Yoshihiro Ohba _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana --===============1316055887== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana --===============1316055887==-- From robot007@loharemos.com Wed Jan 21 10:19:53 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EBBBD3A69BB; Wed, 21 Jan 2009 10:19:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -55.379 X-Spam-Level: X-Spam-Status: No, score=-55.379 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RCVD_IN_PBL=0.905, RCVD_IN_SBL=1.551, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V59qEwCRox9s; Wed, 21 Jan 2009 10:19:52 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (unknown [190.84.171.207]) by core3.amsl.com (Postfix) with SMTP id 0902D3A696A; Wed, 21 Jan 2009 10:19:21 -0800 (PST) X-Originating-IP: 128.168.48.250 by smtp.212.95.32.105; Wed, 21 Jan 2009 12:13:54 -0600 Message-ID: Subject: Inexpensive Gucci watches Date: Wed, 21 Jan 2009 13:21:54 -0500 From: "Ty Milton" To: "Johnnie Carrillo" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Johnnie, Looking for a Chopard? How about getting two, one for you and one for your spouse? http://morrismon.2gb.cc With top notch customer service and super warranty, we stand behind our watches. http://morrismon.2gb.cc Our Chopard watches have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Carrillo From jprasad@aig.com Wed Jan 21 12:25:32 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4A22728C105 for ; Wed, 21 Jan 2009 12:25:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -11.839 X-Spam-Level: X-Spam-Status: No, score=-11.839 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iTQ0j8Zg2Xog for ; Wed, 21 Jan 2009 12:25:31 -0800 (PST) Received: from andreas-buermann.de (unknown [148.235.9.67]) by core3.amsl.com (Postfix) with SMTP id 4279B28C103 for ; Wed, 21 Jan 2009 12:25:25 -0800 (PST) To: Subject: Welcome to eBay! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090121202527.4279B28C103@core3.amsl.com> Date: Wed, 21 Jan 2009 12:25:25 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.traditionraise.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://traditionraise.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 6, B935. 712 Clements Road. London. SE99 7DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From masa0902@agate.plala.or.jp Wed Jan 21 16:50:54 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 66FD23A6830 for ; Wed, 21 Jan 2009 16:50:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -28.287 X-Spam-Level: X-Spam-Status: No, score=-28.287 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_IP_ADDR=1.119, HOST_EQ_USERONOCOM=1.444, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RCVD_NUMERIC_HELO=2.067, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cd3JC2uu-CG7 for ; Wed, 21 Jan 2009 16:50:53 -0800 (PST) Received: from 85.251.35.23.dyn.user.ono.com (85.251.35.23.dyn.user.ono.com [85.251.35.23]) by core3.amsl.com (Postfix) with SMTP id B27153A6784 for ; Wed, 21 Jan 2009 16:50:52 -0800 (PST) To: Subject: Payment Accepted! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090122005052.B27153A6784@core3.amsl.com> Date: Wed, 21 Jan 2009 16:50:52 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.cropthere.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://cropthere.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 2, B665. 673 Clements Road. London. SE43 1DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From pana-bounces@ietf.org Wed Jan 21 22:43:59 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 109A028C112; Wed, 21 Jan 2009 22:43:59 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B086428C112 for ; Wed, 21 Jan 2009 22:43:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tiskbvUyv2BU for ; Wed, 21 Jan 2009 22:43:53 -0800 (PST) Received: from flower.research.telcordia.com (flower.research.telcordia.com [128.96.41.5]) by core3.amsl.com (Postfix) with ESMTP id 78FBD28C0FA for ; Wed, 21 Jan 2009 22:43:53 -0800 (PST) Received: from mailee.research.telcordia.com (mailee.research.telcordia.com [192.4.16.29]) by flower.research.telcordia.com (8.14.2/8.14.2) with ESMTP id n0M6gTa1025399; Thu, 22 Jan 2009 01:42:29 -0500 (EST) Received: from [127.0.0.1] (vpntnlBw107 [128.96.59.107]) by mailee.research.telcordia.com (8.9.3/8.9.3) with ESMTP id BAA06109; Thu, 22 Jan 2009 01:43:35 -0500 (EST) Message-ID: <49781597.6080600@research.telcordia.com> Date: Thu, 22 Jan 2009 01:43:35 -0500 From: Subir Das User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: pana@ietf.org References: <7DBAFEC6A76F3E42817DF1EBE64CB02606293604@ftrdmel2> <20090121171712.GD28667@steelhead.localdomain> In-Reply-To: <20090121171712.GD28667@steelhead.localdomain> Subject: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="windows-1252"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Here is my review. Comment starts with ***. Pl. ignore those if raised = by others and sorry for the delay. regards, _Subir 1. Introduction The Protocol for carrying Authentication for Network Access (PANA) [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA (PANA Authentication Agent) in the access network. If the PaC is a mobile device and is capable of moving one access network to another *** moving 'from' one access network *** This document defines an extension to the PANA protocol [RFC5191] used for proactively executing EAP authentication and establishing a PANA SA (Security Association) between a PaC in an access network and a PAA in another access network to which the PaC may move. The proposed method operates across multiple AAA domains. *** In abstract =91administrative domains=92 but above =91AAA domains=92 ar= e used. Are they same? The document should use a consistent terminology. 2. Terminogy The following terms are used in this document in addition to the terms defined in [RFC5191]. Serving PAA (SPAA): A PAA that resides in the serving network and provides network access authentication for a particular PaC. For simplicity, this document assumes that there is only one SPAA in the serving network while the pre-authentication mechanism described in this document is generally applicable to the case where there are two or more SPAAs in the serving network. *** Not sure I understand the relevance of this in the definition *** Pre-authorization: An authorization for a PaC, made by a CPAA for the PaC at the time of pre-authentication. *** Do we need for the Pac again? Alternatively we can possibly say =91An Authorization made by CPAA for a PaC at the time of pre-authenticatio= n=94 Post-authorization: An authorization for a PaC, made by a CPAA for the PaC when the CPAA becomes the SPAA for the PaC. *** same as above *** There may be a number of criteria for CPAA selection, the timing to start pre-authentication and the timing to make a pre-authorization SA a post-authorization SA (and hence the CPAA becomes the SPAA). *** the text in the parenthesis is not clear *** When a CPAA with which the PaC has a pre-authorization SA becomes the SPAA due to, e.g., movement of the PaC, the PaC performs an IP address update procedure defined in Section 5.6 of [RFC5191] in order to update the SPAA with the PaC's new address obtained from the new serving network. PANA-Notification-Request (PNR) and PANA- Notification-Answer (PNA) messages with 'P' (Ping) bit set are used for this purpose. The completion of the IP address update procedure will change the pre-authorization SA to a post-authorization SA. In this case, the 'E' MUST NOT be set in the PNR and PNA messages and subsequent PANA messages. *** Missing =91bit=92 after =91E=92 *** If there is another CPAA with which the PaC has a pre-authorization SA and the PaC wants to keep the pre-authorization SA after the change of SPAA, the PaC also performs an IP address update procedure defined in Section 5.6 of [RFC5191] in order to update the CPAA with the PaC's new address. *** Not clear the purpose of the above operation. Even if PaC performs = IP address update, how long does it keep this SA? For example, if PaC moves to = another CPAA does it still need to maintain and continue this operation ? *** PNR and PNA messages with 'P' (Ping) bit set is used for this purpose. *** typo: should be =91are=92 *** In this case, the 'E' (prE-authentication) bit MUST be set in the PNR and PNA messages and subsequent PANA messages. The IP address update procedure with the CPAA will not change the pre-authorization SA to a post-authorization SA. The pre-authorization SA and the corresponding PANA session between the PaC and a CPAA is deleted by entering the termination phase of the PANA protocol. *** What will happen if Pac has multiple such pre-authorization SAs? *** E(PrE-authentication) When pre-authentication is performed, the 'E' (prE-authentication) bit of PANA messages are set in order to indicate whether this PANA run is for establishing a pre- authorization SA. *** Typo: should be =91is=92 5. Authorization and Accounting Considerations A pre-authorization and a post-authorization for the PaC may have different authorization policies. For example, the pre-authorization policy may not allow the PaC to sent or receive packets *** Typo: should be =91send=92 *** Security Considerations Since the mechanism described in this document is designed to work across multiple access networks, each EP in the serving network SHOULD be configured to allow PANA messages to be forwarded between a PaC and a CPAA only if the PaC has a post-authorization SA with the SPAA in order to avoid an unauthorized PaC to initiate pre- authentication. *** Not sure I understand the above. How a post-authorization with the SPAA obtained in the first place? *** Also, each access network that supports pre- authentication SHOULD block pre-authentication attempts from networks from which a handover is not likely to occur. *** Is there any relationship between handover protocol and pre-auth? How does access network will know that handover is not likely to occur? *** _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From kekesstt@admin.son.uab.edu Thu Jan 22 03:05:03 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5C59D3A692E for ; Thu, 22 Jan 2009 03:05:03 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.518 X-Spam-Level: X-Spam-Status: No, score=-14.518 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_IP_ADDR=1.119, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_NUMERIC_HELO=2.067, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3psZguLSw-9r for ; Thu, 22 Jan 2009 03:05:02 -0800 (PST) Received: from 92.41.185.224.sub.mbb.three.co.uk (92.41.185.224.sub.mbb.three.co.uk [92.41.185.224]) by core3.amsl.com (Postfix) with SMTP id 06EF23A69EB for ; Thu, 22 Jan 2009 03:04:53 -0800 (PST) To: Subject: Payment Accepted! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090122110456.06EF23A69EB@core3.amsl.com> Date: Thu, 22 Jan 2009 03:04:53 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.intuitionfig.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://intuitionfig.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 8, B767. 617 Clements Road. London. SE84 9DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From luckr@alum.rpi.edu Thu Jan 22 03:25:56 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1E2E33A676A for ; Thu, 22 Jan 2009 03:25:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -69.755 X-Spam-Level: X-Spam-Status: No, score=-69.755 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_NONE=0.1, URIBL_BLACK=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 53EerBhWTpGZ for ; Thu, 22 Jan 2009 03:25:54 -0800 (PST) Received: from ametek.com (unknown [122.2.186.160]) by core3.amsl.com (Postfix) with SMTP id 9B3EC3A699E for ; Thu, 22 Jan 2009 03:25:52 -0800 (PST) To: Subject: RE: Administrator From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090122112553.9B3EC3A699E@core3.amsl.com> Date: Thu, 22 Jan 2009 03:25:52 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Click Here!

To unsubscribe from this mailing list, please log in to www.guidelegacy.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://guidelegacy.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 9, B599. 299 Clements Road. London. SE06 0DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From ntorasso@acequias.com.ar Thu Jan 22 05:13:49 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2291328C189 for ; Thu, 22 Jan 2009 05:13:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.042 X-Spam-Level: X-Spam-Status: No, score=-9.042 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_DYNAMIC_DIALIN=3.384, HELO_EQ_DIP_DIALIN=1.573, HOST_EQ_DIP_TDIAL=2.144, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tpk7m6IpPTcF for ; Thu, 22 Jan 2009 05:13:47 -0800 (PST) Received: from p4FDCFB95.dip.t-dialin.net (p4FDCFB95.dip.t-dialin.net [79.220.251.149]) by core3.amsl.com (Postfix) with SMTP id 1693628C16F for ; Thu, 22 Jan 2009 05:13:43 -0800 (PST) To: Subject: Re: Message from President From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090122131346.1693628C16F@core3.amsl.com> Date: Thu, 22 Jan 2009 05:13:43 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.courageoffice.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://courageoffice.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 5, B234. 667 Clements Road. London. SE64 5DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From kfouriamal@altijaria.com Thu Jan 22 08:38:24 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AA9E728C188 for ; Thu, 22 Jan 2009 08:38:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -24.189 X-Spam-Level: X-Spam-Status: No, score=-24.189 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HELO_EQ_TELESP=1.245, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RECV_SPAM_DOMN02=1.666, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mCd8HMvaWRZP for ; Thu, 22 Jan 2009 08:38:24 -0800 (PST) Received: from 200-161-110-90.dsl.telesp.net.br (200-161-110-90.dsl.telesp.net.br [200.161.110.90]) by core3.amsl.com (Postfix) with SMTP id DE15B28C1E3 for ; Thu, 22 Jan 2009 08:38:21 -0800 (PST) To: Subject: Re: BRANDKEYWORD, Ltd From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090122163822.DE15B28C1E3@core3.amsl.com> Date: Thu, 22 Jan 2009 08:38:21 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Click Here!

To unsubscribe from this mailing list, please log in to www.pointindicate.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://pointindicate.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 1, B773. 457 Clements Road. London. SE13 2DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From manuel.zapatadd@allianz.es Thu Jan 22 09:13:27 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4DA983A695B for ; Thu, 22 Jan 2009 09:13:27 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.503 X-Spam-Level: X-Spam-Status: No, score=-7.503 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_DSN=1.495, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HOST_EQ_BR=1.295, HOST_EQ_STATIC=1.172, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, SARE_RECV_IP_200150=0.612, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T2qQAUJMcUqq for ; Thu, 22 Jan 2009 09:13:25 -0800 (PST) Received: from abacusinfo.com (200-150-188-211.static-user.ajato.com.br [200.150.188.211]) by core3.amsl.com (Postfix) with SMTP id 3C55428C19C for ; Thu, 22 Jan 2009 09:13:22 -0800 (PST) To: Subject: Your Payment Has Been Initiated From: MIME-Version: 1.0 Importance: High Content-Type: text/html X-Antivirus: avast! (VPS 081109-0, 09/11/2008), Outbound message X-Antivirus-Status: Clean Message-Id: <20090122171323.3C55428C19C@core3.amsl.com> Date: Thu, 22 Jan 2009 09:13:22 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.quotientscore.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://quotientscore.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 5, B588. 232 Clements Road. London. SE39 2DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From pana-bounces@ietf.org Thu Jan 22 10:52:56 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 93D083A693C; Thu, 22 Jan 2009 10:52:56 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B72143A693C for ; Thu, 22 Jan 2009 10:52:55 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.477 X-Spam-Level: X-Spam-Status: No, score=-2.477 tagged_above=-999 required=5 tests=[AWL=0.078, BAYES_00=-2.599, DATE_IN_PAST_03_06=0.044] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5dFOHJrfleFl for ; Thu, 22 Jan 2009 10:52:54 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 7CEE03A67D7 for ; Thu, 22 Jan 2009 10:52:54 -0800 (PST) Received: from steelhead.localdomain (smtp.tari.toshiba.com [172.30.24.10]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0MHlsCS030723; Thu, 22 Jan 2009 12:47:55 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LQ0iM-0002H9-Uo; Thu, 22 Jan 2009 09:39:26 -0500 Date: Thu, 22 Jan 2009 09:39:26 -0500 From: Yoshihiro Ohba To: Subir Das Message-ID: <20090122143926.GA8050@steelhead.localdomain> References: <4978A094.5080903@research.telcordia.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4978A094.5080903@research.telcordia.com> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Thank you Subir for the review. Yes, some of your comments were already raised by others and resolution is proposed. So let me ignore those. Please see my comments below. > > *** In abstract $B!F(Badministrative domains$B!G(B but above $B!F(BAAA domains$B!G(B are used. > > Are they same? The document should use a consistent terminology. We should consistently use AAA domains. Thanks. > > > 2. Terminogy > > The following terms are used in this document in addition to the > > terms defined in [RFC5191]. > > Serving PAA (SPAA): A PAA that resides in the serving network and > > provides network access authentication for a particular PaC. For > > simplicity, this document assumes that there is only one SPAA in > > the serving network while the pre-authentication mechanism > > described in this document is generally applicable to the case > > where there are two or more SPAAs in the serving network. > > *** Not sure I understand the relevance of this in the definition *** I agree. We can remove the sentence "For simplicity, ....". > > > Pre-authorization: An authorization for a PaC, made by a CPAA for > > the PaC at the time of pre-authentication. > > *** Do we need for the Pac again? Alternatively we can possibly say > > $B!F(BAn Authorization made by CPAA for a PaC at the time of pre-authentication$B!I(B I agree, your text is better. > > Post-authorization: An authorization for a PaC, made by a CPAA for > > the PaC when the CPAA becomes the SPAA for the PaC. > > *** same as above *** I agree. > > There may be a number of criteria for CPAA selection, the timing to > > start pre-authentication and the timing to make a pre-authorization > > SA a post-authorization SA (and hence the CPAA becomes the SPAA). > > *** the text in the parenthesis is not clear *** The parenthesis is based on the definition of post-authorization in section 2. > > When a CPAA with which the PaC has a pre-authorization SA becomes the > > SPAA due to, e.g., movement of the PaC, the PaC performs an IP > > address update procedure defined in Section 5.6 of [RFC5191] in order > > to update the SPAA with the PaC's new address obtained from the new > > serving network. PANA-Notification-Request (PNR) and PANA- > > Notification-Answer (PNA) messages with 'P' (Ping) bit set are used > > for this purpose. The completion of the IP address update procedure > > will change the pre-authorization SA to a post-authorization SA. In > > this case, the 'E' MUST NOT be set in the PNR and PNA messages and > > subsequent PANA messages. > > *** Missing $B!F(Bbit$B!G(B after $B!F(BE$B!G(B *** You are right, 'bit' is needed. > > If there is another CPAA with which the PaC has a pre-authorization > > SA and the PaC wants to keep the pre-authorization SA after the > > change of SPAA, the PaC also performs an IP address update procedure > > defined in Section 5.6 of [RFC5191] in order to update the CPAA with > > the PaC's new address. > > *** Not clear the purpose of the above operation. Even if PaC performs > IP address > update, how long does it keep this SA? For example, if PaC moves to > another CPAA does > > it still need to maintain and continue this operation ? *** IP address update itself does not affect the SA lifetime for CPAA. You have a good point that maintaining the SA for a CPAA after the movement to another CPAA does not have to be a mandatory operation. I agree that this paragraph needs to be revised accordingly. > > PNR and PNA messages with 'P' (Ping) bit set is used for this purpose. > > *** typo: should be $B!F(Bare$B!G(B *** OK. > > In this case, the 'E' (prE-authentication) > > bit MUST be set in the PNR and PNA messages and subsequent PANA > > messages. The IP address update procedure with the CPAA will not > > change the pre-authorization SA to a post-authorization SA. > > The pre-authorization SA and the corresponding PANA session between > > the PaC and a CPAA is deleted by entering the termination phase of > > the PANA protocol. > > *** What will happen if Pac has multiple such pre-authorization SAs? *** If there are multiple CPAAs, the procedure is performed per-CPAA basis. > > E(PrE-authentication) When pre-authentication is performed, the 'E' > > (prE-authentication) bit of PANA messages are set in order to > > indicate whether this PANA run is for establishing a pre- > > authorization SA. > > *** Typo: should be $B!F(Bis$B!G(B OK. > > > 5. Authorization and Accounting Considerations > > A pre-authorization and a post-authorization for the PaC may have > > different authorization policies. For example, the pre-authorization > > policy may not allow the PaC to sent or receive packets > > *** Typo: should be $B!F(Bsend$B!G(B *** > > Security Considerations > > Since the mechanism described in this document is designed to work > > across multiple access networks, each EP in the serving network > > SHOULD be configured to allow PANA messages to be forwarded between a > > PaC and a CPAA only if the PaC has a post-authorization SA with the > > SPAA in order to avoid an unauthorized PaC to initiate pre- > > authentication. > > *** Not sure I understand the above. How a post-authorization with the > SPAA obtained in the first place? *** > > > Also, each access network that supports pre- > > authentication SHOULD block pre-authentication attempts from networks > > from which a handover is not likely to occur. > > *** Is there any relationship between handover protocol and pre-auth? There is no relationship between a specific handover protocol and PANA pre-auth. It's just a matter of changing from one access network to another. Having said that we can revise the text something like: " Also, each access network that supports pre-authentication SHOULD block pre-authentication attempts from networks from which a change of access network is not likely to occur. " > > How does access network will know that handover is not likely to occur? *** > For example, handover is not likely to happen between an access network in Tokyo and an access network in NYC. Yoshihiro Ohba _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From alex@gmn.ru Thu Jan 22 11:32:14 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8EE223A68D0; Thu, 22 Jan 2009 11:32:14 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -55.954 X-Spam-Level: X-Spam-Status: No, score=-55.954 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_RFC_BOGUSMX=1.482, FH_HELO_EQ_D_D_D_D=1.597, HELO_MISMATCH_COM=0.553, HOST_EQ_PL=1.95, RCVD_IN_XBL=3.033, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 88ky+z+pBy32; Thu, 22 Jan 2009 11:32:13 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (host.wss5.pl [87.239.45.10]) by core3.amsl.com (Postfix) with SMTP id AF4C328C102; Thu, 22 Jan 2009 11:31:57 -0800 (PST) X-Originating-IP: 141.204.168.65 by smtp.212.95.32.105; Thu, 22 Jan 2009 20:26:27 +0100 Message-ID: Subject: Save thousands... no one will know Date: Thu, 22 Jan 2009 14:34:27 -0500 From: "Marta Allison" To: "Peggy Bonilla" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Peggy, Looking for a Tag Heuer? How about getting two, one for you and one for your spouse? http://butlerrpg.c0n.us We are offering wholesaler prices on all watches during the month of January 2009. http://butlerrpg.c0n.us Our Tag Heuer watches have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Bonilla From aa3330@pg.com Thu Jan 22 11:52:26 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D188028C26F; Thu, 22 Jan 2009 11:52:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -61.514 X-Spam-Level: X-Spam-Status: No, score=-61.514 tagged_above=-999 required=5 tests=[BAYES_60=1, FH_HELO_EQ_D_D_D_D=1.597, HELO_MISMATCH_COM=0.553, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DmW9ZgQOczq2; Thu, 22 Jan 2009 11:52:20 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (f053181138.adsl.alicedsl.de [78.53.181.138]) by core3.amsl.com (Postfix) with SMTP id ACFC03A6844; Thu, 22 Jan 2009 11:52:08 -0800 (PST) X-Originating-IP: 64.146.238.74 by smtp.212.95.32.105; Thu, 22 Jan 2009 14:47:14 -0500 Message-ID: Subject: Looking for a rep watch? Date: Thu, 22 Jan 2009 14:54:14 -0500 From: "Pam Stout" To: "Cornelia Thorne" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Cornelia, Looking for a Emporio Armani? How about getting two, one for you and one for your spouse? http://rogersheq.hoster3.com Take an extra 15% off your purchase during month of January (2009). http://rogersheq.hoster3.com Our Emporio Armani watches have Weights/feels and looks exactly same as original. Sincerely, Mr Thorne From betsey@betseynelson.com Thu Jan 22 12:07:32 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9995828C277; Thu, 22 Jan 2009 12:07:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -44.418 X-Spam-Level: X-Spam-Status: No, score=-44.418 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pEf6CUs4YiUh; Thu, 22 Jan 2009 12:07:32 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (199.194.86-79.rev.gaoland.net [79.86.194.199]) by core3.amsl.com (Postfix) with SMTP id 4F57C3A6931; Thu, 22 Jan 2009 12:07:22 -0800 (PST) X-Originating-IP: 66.144.149.169 by smtp.212.95.32.105; Fri, 23 Jan 2009 01:06:53 +0500 Message-ID: Subject: Watches for him, her and you Date: Thu, 22 Jan 2009 15:09:53 -0500 From: "Augustine Rollins" To: "Yvette Baldwin" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Yvette, Looking for a Jaeger LeCoultre? How about getting two, one for you and one for your spouse? http://jamesehu.freeservercity.com We are offering wholesaler prices on all watches during the month of January 2009. http://jamesehu.freeservercity.com Our Jaeger LeCoultre watches have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Baldwin From pana-bounces@ietf.org Thu Jan 22 12:34:31 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 14CCA28C28F; Thu, 22 Jan 2009 12:34:31 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A96C128C28B for ; Thu, 22 Jan 2009 12:34:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UXGLNwbzq6N8 for ; Thu, 22 Jan 2009 12:34:24 -0800 (PST) Received: from flower.research.telcordia.com (flower.research.telcordia.com [128.96.41.5]) by core3.amsl.com (Postfix) with ESMTP id 46B4928C28F for ; Thu, 22 Jan 2009 12:34:23 -0800 (PST) Received: from mailee.research.telcordia.com (mailee.research.telcordia.com [192.4.16.29]) by flower.research.telcordia.com (8.14.2/8.14.2) with ESMTP id n0MKWwZQ003386; Thu, 22 Jan 2009 15:32:58 -0500 (EST) Received: from [127.0.0.1] (vpntnlBw107 [128.96.59.107]) by mailee.research.telcordia.com (8.9.3/8.9.3) with ESMTP id PAA06488; Thu, 22 Jan 2009 15:34:05 -0500 (EST) Message-ID: <4978D83D.6070000@research.telcordia.com> Date: Thu, 22 Jan 2009 15:34:05 -0500 From: Subir Das User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: Yoshihiro Ohba References: <4978A094.5080903@research.telcordia.com> <20090122143926.GA8050@steelhead.localdomain> In-Reply-To: <20090122143926.GA8050@steelhead.localdomain> Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Thanks. I have one suggestion on the following: Also, each access network that supports pre- > > authentication SHOULD block pre-authentication attempts from networks > > from which a handover is not likely to occur. > > *** Is there any relationship between handover protocol and pre-auth? There is no relationship between a specific handover protocol and PANA pre-auth. It's just a matter of changing from one access network to another. Having said that we can revise the text something like: " Also, each access network that supports pre-authentication SHOULD block pre-authentication attempts from networks from which a change of access network is not likely to occur. " But the question remains; how the access network will know "handover is not likely to occur"? Since this draft possibly can not solve this problem, it may be better to explicitly mention that how access network identify this, it is outside the scope of this work. > > Yoshihiro Ohba wrote: > Thank you Subir for the review. > > Yes, some of your comments were already raised by others and > resolution is proposed. So let me ignore those. > > Please see my comments below. > > >> *** In abstract $B!F(Badministrative domains$B!G(B but above $B!F(BAAA domains$B!G(B are used. >> >> Are they same? The document should use a consistent terminology. >> > > We should consistently use AAA domains. Thanks. > > >> 2. Terminogy >> >> The following terms are used in this document in addition to the >> >> terms defined in [RFC5191]. >> >> Serving PAA (SPAA): A PAA that resides in the serving network and >> >> provides network access authentication for a particular PaC. For >> >> simplicity, this document assumes that there is only one SPAA in >> >> the serving network while the pre-authentication mechanism >> >> described in this document is generally applicable to the case >> >> where there are two or more SPAAs in the serving network. >> >> *** Not sure I understand the relevance of this in the definition *** >> > > I agree. We can remove the sentence "For simplicity, ....". > > >> Pre-authorization: An authorization for a PaC, made by a CPAA for >> >> the PaC at the time of pre-authentication. >> >> *** Do we need for the Pac again? Alternatively we can possibly say >> >> $B!F(BAn Authorization made by CPAA for a PaC at the time of pre-authentication$B!I(B >> > > I agree, your text is better. > > >> Post-authorization: An authorization for a PaC, made by a CPAA for >> >> the PaC when the CPAA becomes the SPAA for the PaC. >> >> *** same as above *** >> > > I agree. > > >> There may be a number of criteria for CPAA selection, the timing to >> >> start pre-authentication and the timing to make a pre-authorization >> >> SA a post-authorization SA (and hence the CPAA becomes the SPAA). >> >> *** the text in the parenthesis is not clear *** >> > > The parenthesis is based on the definition of post-authorization in > section 2. > > >> When a CPAA with which the PaC has a pre-authorization SA becomes the >> >> SPAA due to, e.g., movement of the PaC, the PaC performs an IP >> >> address update procedure defined in Section 5.6 of [RFC5191] in order >> >> to update the SPAA with the PaC's new address obtained from the new >> >> serving network. PANA-Notification-Request (PNR) and PANA- >> >> Notification-Answer (PNA) messages with 'P' (Ping) bit set are used >> >> for this purpose. The completion of the IP address update procedure >> >> will change the pre-authorization SA to a post-authorization SA. In >> >> this case, the 'E' MUST NOT be set in the PNR and PNA messages and >> >> subsequent PANA messages. >> >> *** Missing $B!F(Bbit$B!G(B after $B!F(BE$B!G(B *** >> > > You are right, 'bit' is needed. > > >> If there is another CPAA with which the PaC has a pre-authorization >> >> SA and the PaC wants to keep the pre-authorization SA after the >> >> change of SPAA, the PaC also performs an IP address update procedure >> >> defined in Section 5.6 of [RFC5191] in order to update the CPAA with >> >> the PaC's new address. >> >> *** Not clear the purpose of the above operation. Even if PaC performs >> IP address >> update, how long does it keep this SA? For example, if PaC moves to >> another CPAA does >> >> it still need to maintain and continue this operation ? *** >> > > IP address update itself does not affect the SA lifetime for CPAA. > You have a good point that maintaining the SA for a CPAA after the > movement to another CPAA does not have to be a mandatory operation. > I agree that this paragraph needs to be revised accordingly. > > >> PNR and PNA messages with 'P' (Ping) bit set is used for this purpose. >> >> *** typo: should be $B!F(Bare$B!G(B *** >> > > OK. > > >> In this case, the 'E' (prE-authentication) >> >> bit MUST be set in the PNR and PNA messages and subsequent PANA >> >> messages. The IP address update procedure with the CPAA will not >> >> change the pre-authorization SA to a post-authorization SA. >> >> The pre-authorization SA and the corresponding PANA session between >> >> the PaC and a CPAA is deleted by entering the termination phase of >> >> the PANA protocol. >> >> *** What will happen if Pac has multiple such pre-authorization SAs? *** >> > > If there are multiple CPAAs, the procedure is performed per-CPAA > basis. > > >> E(PrE-authentication) When pre-authentication is performed, the 'E' >> >> (prE-authentication) bit of PANA messages are set in order to >> >> indicate whether this PANA run is for establishing a pre- >> >> authorization SA. >> >> *** Typo: should be $B!F(Bis$B!G(B >> > > OK. > > >> 5. Authorization and Accounting Considerations >> >> A pre-authorization and a post-authorization for the PaC may have >> >> different authorization policies. For example, the pre-authorization >> >> policy may not allow the PaC to sent or receive packets >> >> *** Typo: should be $B!F(Bsend$B!G(B *** >> >> Security Considerations >> >> Since the mechanism described in this document is designed to work >> >> across multiple access networks, each EP in the serving network >> >> SHOULD be configured to allow PANA messages to be forwarded between a >> >> PaC and a CPAA only if the PaC has a post-authorization SA with the >> >> SPAA in order to avoid an unauthorized PaC to initiate pre- >> >> authentication. >> >> *** Not sure I understand the above. How a post-authorization with the >> SPAA obtained in the first place? *** >> >> >> Also, each access network that supports pre- >> >> authentication SHOULD block pre-authentication attempts from networks >> >> from which a handover is not likely to occur. >> >> *** Is there any relationship between handover protocol and pre-auth? >> > > There is no relationship between a specific handover protocol and PANA > pre-auth. It's just a matter of changing from one access network to > another. Having said that we can revise the text something like: > > " > Also, each access network that supports pre-authentication SHOULD > block pre-authentication attempts from networks from which a change of > access network is not likely to occur. > " > > >> How does access network will know that handover is not likely to occur? *** >> >> > > For example, handover is not likely to happen between an access network in Tokyo > and an access network in NYC. > > Yoshihiro Ohba > > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Thu Jan 22 17:54:29 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 268873A6932; Thu, 22 Jan 2009 17:54:29 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 45E523A67DF for ; Thu, 22 Jan 2009 17:54:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.542 X-Spam-Level: X-Spam-Status: No, score=-2.542 tagged_above=-999 required=5 tests=[AWL=0.057, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2D4YWD6tuCVb for ; Thu, 22 Jan 2009 17:54:21 -0800 (PST) Received: from flower.research.telcordia.com (flower.research.telcordia.com [128.96.41.5]) by core3.amsl.com (Postfix) with ESMTP id 5F9903A6932 for ; Thu, 22 Jan 2009 17:54:21 -0800 (PST) Received: from [192.4.8.228] (ar8-228.research.telcordia.com [192.4.8.228]) by flower.research.telcordia.com (8.14.2/8.14.2) with ESMTP id n0N1qpBP024278; Thu, 22 Jan 2009 20:52:51 -0500 (EST) Message-ID: <49792337.5000008@research.telcordia.com> Date: Thu, 22 Jan 2009 20:53:59 -0500 From: Ashutosh Dutta User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: Yoshihiro Ohba References: In-Reply-To: Cc: pana@ietf.org Subject: [Pana] Review of - Re: WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Yoshi, Although many of the comments are already addressed by other reviewers, here are some additional comments. Thanks Ashutosh ****************************************************************************** Introduction The Protocol for carrying Authentication for Network Access (PANA) [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA (PANA Authentication Agent) in the access network. If the PaC is a mobile device and is capable of moving one access network to another while running its applications, it is critical for the PaC to perform a handover seamlessly without degrading the performance of the applications during the handover period. When the handover requires the PaC to establish a PANA session with the PAA in the new access network, the signaling to establish the PANA session should be completed as fast as possible. AD: What is *as fast as possible*, can we give some values or threshold based on some ITU parameters, probably. Terminology: Pre-authorization: An authorization for a PaC, made by a CPAA for the PaC at the time of pre-authentication. AD: Do we need to define authorization somewhere, what it means and which components are involved in the process? Pre-authentication Procedure: When a CPAA initiates pre-authentication, it sends a PAR message with the 'S' (Start) and 'E' (prE-authentication) bits set. The PaC responds with a PANA-Auth-Answer (PAN) message with the 'S' (Start) and 'E' (prE-authentication) bits set only if it supports pre-authentication. Otherwise, it MUST silently discard the message. AD: How does CPAA know the address of PaC to initiate the process? When a CPAA with which the PaC has a pre-authorization SA becomes the SPAA due to, e.g., movement of the PaC, the PaC performs an IP address update procedure defined in Section 5.6 of [RFC5191] AD: procedure *as* defined in Section 5.6 of [RFC5191] The IP address update procedure with the CPAA will not change the pre-authorization SA to a post-authorization SA. AD: Above sentence is not very clear. What is the IP address update procedure here? Authorization and Accounting Considerations: while both the pre-authorization and post-authorization policies may allow installing credentials to the EP, AD: installing credentials in the EP Security Considerations : In order to avoid possible resource consumption attacks on the PaC caused by a blind attacker initiating pre- authentication for the PaC by changing source addresses, the PaC SHOULD limit the maximum number of CPAAs allowed to communicate. AD: What do you mean by *blind* attacker? Thanks Ashutosh Basavaraj Patil wrote: > Hello, > > This is a WG last call for I-D: Pre-authentication Support for PANA > . > > The last call will end on January 22nd, 09. Please send your comments > to the mailing list prior to the deadline. > > -Chairs > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From sordosmtpmsordo@aasasoft.com Fri Jan 23 00:54:11 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AC13A3A697E; Fri, 23 Jan 2009 00:54:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -17.308 X-Spam-Level: X-Spam-Status: No, score=-17.308 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_MISMATCH_COM=0.553, HOST_EQ_BR=1.295, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_RECV_SPAM_DOMN02=1.666, TVD_RCVD_IP=1.931, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sICF5vTaShDV; Fri, 23 Jan 2009 00:54:11 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (201-68-76-150.dsl.telesp.net.br [201.68.76.150]) by core3.amsl.com (Postfix) with SMTP id EA18A3A68AA; Fri, 23 Jan 2009 00:53:45 -0800 (PST) X-Originating-IP: 209.140.168.216 by smtp.212.95.32.105; Fri, 23 Jan 2009 03:53:15 -0500 Message-ID: Subject: Looking for a rep watch? Date: Fri, 23 Jan 2009 03:56:15 -0500 From: "Kitty Hebert" To: "Janelle Greenwood" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Janelle, New Year is the time to get Omega watch, and the only place to get top notch watches that look and perform exactly like the originals is http://www.tallgive.com Get two deeply discounted watches and take an extra 15% discount. http://www.tallgive.com Our Omega watches have perfect weight and feel same as orginal. Sincerely, Mr Greenwood From nathan.diehld@ab1cs.com Fri Jan 23 03:07:10 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B71C28C15B for ; Fri, 23 Jan 2009 03:07:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.179 X-Spam-Level: X-Spam-Status: No, score=-22.179 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Je8zd2c61k+V for ; Fri, 23 Jan 2009 03:07:09 -0800 (PST) Received: from 1216wbeo.com (unknown [122.167.28.219]) by core3.amsl.com (Postfix) with SMTP id E428D3A6A56 for ; Fri, 23 Jan 2009 03:07:03 -0800 (PST) To: Subject: RECOVERY: o23516 is OK From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090123110704.E428D3A6A56@core3.amsl.com> Date: Fri, 23 Jan 2009 03:07:03 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Click Here!

To unsubscribe from this mailing list, please log in to www.grouptheir.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://grouptheir.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 3, B403. 096 Clements Road. London. SE01 2DG

© 2006-2009 BRANDKEYWORD, Ltd. All Rights Reserved

From jprasadd@aig.com Fri Jan 23 03:48:26 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8BAA63A6843 for ; Fri, 23 Jan 2009 03:48:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.268 X-Spam-Level: X-Spam-Status: No, score=-15.268 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QV7I2K88PbDa for ; Fri, 23 Jan 2009 03:48:25 -0800 (PST) Received: from ip-26-130.sn1.eutelia.it (ip-26-130.sn1.eutelia.it [62.94.26.130]) by core3.amsl.com (Postfix) with SMTP id AF5C83A6802 for ; Fri, 23 Jan 2009 03:48:24 -0800 (PST) To: Subject: Great Finds From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090123114824.AF5C83A6802@core3.amsl.com> Date: Fri, 23 Jan 2009 03:48:24 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.ordeep.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://ordeep.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 6, B444. 752 Clements Road. London. SE38 2DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From pana-bounces@ietf.org Fri Jan 23 12:15:02 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6C7E728C23B; Fri, 23 Jan 2009 12:15:02 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2B24F28C23A for ; Fri, 23 Jan 2009 12:15:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.503 X-Spam-Level: X-Spam-Status: No, score=-2.503 tagged_above=-999 required=5 tests=[AWL=0.096, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qK6CgttxMPAj for ; Fri, 23 Jan 2009 12:15:00 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 0A5C728C236 for ; Fri, 23 Jan 2009 12:14:59 -0800 (PST) Received: from steelhead.localdomain (tarij-62.tari.toshiba.com [172.30.24.110]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0NKBhGX043497; Fri, 23 Jan 2009 15:11:43 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LQSQF-0002YF-4P; Fri, 23 Jan 2009 15:14:35 -0500 Date: Fri, 23 Jan 2009 15:14:35 -0500 From: Yoshihiro Ohba To: Subir Das Message-ID: <20090123201435.GB9714@steelhead.localdomain> References: <4978A094.5080903@research.telcordia.com> <20090122143926.GA8050@steelhead.localdomain> <4978D83D.6070000@research.telcordia.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4978D83D.6070000@research.telcordia.com> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org On Thu, Jan 22, 2009 at 03:34:05PM -0500, Subir Das wrote: > Thanks. I have one suggestion on the following: > > Also, each access network that supports pre- > > > > authentication SHOULD block pre-authentication attempts from networks > > > > from which a handover is not likely to occur. > > > > *** Is there any relationship between handover protocol and pre-auth? > > > There is no relationship between a specific handover protocol and PANA > pre-auth. It's just a matter of changing from one access network to > another. Having said that we can revise the text something like: > > " > Also, each access network that supports pre-authentication SHOULD > block pre-authentication attempts from networks from which a change of > access network is not likely to occur. > " > > > But the question remains; how the access network will know "handover is > not likely to occur"? Since this draft possibly can not solve this problem, > it may be better to explicitly mention that how access network identify this, > it is outside the scope of this work. I agree. Yoshihiro Ohba _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Fri Jan 23 12:33:29 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 593E628C131; Fri, 23 Jan 2009 12:33:29 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C4A5028C131 for ; Fri, 23 Jan 2009 12:33:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.507 X-Spam-Level: X-Spam-Status: No, score=-2.507 tagged_above=-999 required=5 tests=[AWL=0.092, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8h-0jY2WvKNS for ; Fri, 23 Jan 2009 12:33:27 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id AF5A73A67B0 for ; Fri, 23 Jan 2009 12:33:27 -0800 (PST) Received: from steelhead.localdomain (tarij-62.tari.toshiba.com [172.30.24.110]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0NKU6h8043893; Fri, 23 Jan 2009 15:30:06 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LQSi1-0002b0-U5; Fri, 23 Jan 2009 15:32:57 -0500 Date: Fri, 23 Jan 2009 15:32:57 -0500 From: Yoshihiro Ohba To: Ashutosh Dutta Message-ID: <20090123203257.GC9714@steelhead.localdomain> References: <49792337.5000008@research.telcordia.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <49792337.5000008@research.telcordia.com> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: pana@ietf.org Subject: Re: [Pana] Review of - Re: WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Ashutosh, Thank you for the review. On Thu, Jan 22, 2009 at 08:53:59PM -0500, Ashutosh Dutta wrote: > Introduction > The Protocol for carrying Authentication for Network Access (PANA) > [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA > (PANA Authentication Agent) in the access network. If the PaC is a > mobile device and is capable of moving one access network to another > while running its applications, it is critical for the PaC to perform a > handover seamlessly without degrading the performance of the > applications during the handover period. When the handover requires the > PaC to establish a PANA session with the PAA in the new access network, > the signaling to establish the PANA session should be completed as fast > as possible. > > AD: What is *as fast as possible*, can we give some values or threshold > based on some ITU parameters, probably. We can add a reference here to hokey-preauth-ps draft for the actual values. > > Terminology: > > Pre-authorization: An authorization for a PaC, made by a CPAA for the > PaC at the time of pre-authentication. > > AD: Do we need to define authorization somewhere, what it means and > which components are involved in the process? > > Pre-authentication Procedure: > > When a CPAA initiates pre-authentication, it sends a PAR message with > the 'S' (Start) and 'E' (prE-authentication) bits set. The PaC responds > with a PANA-Auth-Answer (PAN) message with the 'S' (Start) and 'E' > (prE-authentication) bits set only if it supports pre-authentication. > Otherwise, it MUST silently discard the message. > > AD: How does CPAA know the address of PaC to initiate the process? It is described as out of scope: " There may be several mechanisms for a PaC and a CPAA to discover each other. However, such mechanisms are out of the scope of this document. " > > When a CPAA with which the PaC has a pre-authorization SA becomes the > SPAA due to, e.g., movement of the PaC, the PaC performs an IP address > update procedure defined in Section 5.6 of [RFC5191] > > AD: procedure *as* defined in Section 5.6 of [RFC5191] OK. > > The IP address update procedure with the CPAA will not change the > pre-authorization SA to a post-authorization SA. > > AD: Above sentence is not very clear. What is the IP address update > procedure here? It means the IP address updated procedure as described in Section 5.6 of [RFC5191], but additionally with 'E' bit set. > > Authorization and Accounting Considerations: > > while both the pre-authorization and post-authorization policies may > allow installing credentials to the EP, > > AD: installing credentials in the EP OK. > > Security Considerations : > > In order to avoid possible resource consumption attacks on the PaC > caused by a blind attacker initiating pre- authentication for the PaC by > changing source addresses, the PaC SHOULD limit the maximum number of > CPAAs allowed to communicate. > > AD: What do you mean by *blind* attacker? It means an attacker that can generate forged PANA messages without need to intercept PANA messages being exchanges between PaC and PAA. However, we can simply replace "a blind attacker" with "an attacker" without losing what needs to convey here. Best Regards, Yoshihiro Ohba > > Thanks > Ashutosh > > Basavaraj Patil wrote: >> Hello, >> >> This is a WG last call for I-D: Pre-authentication Support for PANA >> . >> >> The last call will end on January 22nd, 09. Please send your comments >> to the mailing list prior to the deadline. >> >> -Chairs >> >> _______________________________________________ >> Pana mailing list >> Pana@ietf.org >> https://www.ietf.org/mailman/listinfo/pana >> > > _______________________________________________ > Pana mailing list > Pana@ietf.org > https://www.ietf.org/mailman/listinfo/pana > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From muyie@alphatech.com Fri Jan 23 15:35:31 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 050353A6B63 for ; Fri, 23 Jan 2009 15:35:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.026 X-Spam-Level: X-Spam-Status: No, score=-13.026 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_NET=0.611, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aMEix50gomoI for ; Fri, 23 Jan 2009 15:35:30 -0800 (PST) Received: from alphy.net (unknown [200.159.62.226]) by core3.amsl.com (Postfix) with SMTP id D7D873A6B3A for ; Fri, 23 Jan 2009 15:35:27 -0800 (PST) To: Subject: Your Payment Has Been Initiated From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090123233528.D7D873A6B3A@core3.amsl.com> Date: Fri, 23 Jan 2009 15:35:27 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.majorrose.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://majorrose.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 9, B393. 138 Clements Road. London. SE72 3DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From jmcintire@accurohealth.com Fri Jan 23 16:04:05 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 97A9A3A6866 for ; Fri, 23 Jan 2009 16:04:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -16.848 X-Spam-Level: X-Spam-Status: No, score=-16.848 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O3PHCkp9WLOG for ; Fri, 23 Jan 2009 16:04:04 -0800 (PST) Received: from amberton.edu (unknown [201.79.235.28]) by core3.amsl.com (Postfix) with SMTP id 825603A6867 for ; Fri, 23 Jan 2009 16:03:53 -0800 (PST) To: Subject: Receipt for Your Payment From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090124000356.825603A6867@core3.amsl.com> Date: Fri, 23 Jan 2009 16:03:53 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.comparedollar.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://comparedollar.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 7, B200. 835 Clements Road. London. SE69 2DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From hpereira@sugartest.com Sat Jan 24 02:30:46 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 810F628C2A2; Sat, 24 Jan 2009 02:30:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.347 X-Spam-Level: X-Spam-Status: No, score=-13.347 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jbA-aiPj3yP9; Sat, 24 Jan 2009 02:30:45 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (unknown [92.124.18.138]) by core3.amsl.com (Postfix) with SMTP id 76BB728C296; Sat, 24 Jan 2009 02:30:27 -0800 (PST) X-Originating-IP: 46.159.87.119 by smtp.212.95.32.105; Sat, 24 Jan 2009 09:30:55 -0100 Message-ID: Subject: Check out the Franck Muller watches! Date: Sat, 24 Jan 2009 05:32:55 -0500 From: "Ollie Corbin" To: "Vonda Milton" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Vonda, I had never seen such beautiful and greatly-performing watches like the ones I found online at http://www.maintall.com The best news is that in January (2009) you can buy two watches and get an extra 15% off your purchase! http://www.maintall.com Our Franck Muller watches have perfect weight and feel same as orginal. Sincerely, Mr Milton From nolan5@advantagecoaching.com Sat Jan 24 06:22:45 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 42D023A6B2C for ; Sat, 24 Jan 2009 06:22:45 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -24.987 X-Spam-Level: X-Spam-Status: No, score=-24.987 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DYNAMIC=1.144, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cr4tYw0ajkKi for ; Sat, 24 Jan 2009 06:22:44 -0800 (PST) Received: from 93-120-178-152.dynamic.mts-nn.ru (93-120-161-19.dynamic.mts-nn.ru [93.120.161.19]) by core3.amsl.com (Postfix) with SMTP id 441713A6A81 for ; Sat, 24 Jan 2009 06:22:42 -0800 (PST) To: Subject: Great Finds From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090124142243.441713A6A81@core3.amsl.com> Date: Sat, 24 Jan 2009 06:22:42 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.cowplease.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://cowplease.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 2, B323. 141 Clements Road. London. SE36 5DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From mctiffin@alexander-kreis.de Sat Jan 24 08:02:46 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DF9FD28C2EC for ; Sat, 24 Jan 2009 08:02:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -25.825 X-Spam-Level: X-Spam-Status: No, score=-25.825 tagged_above=-999 required=5 tests=[AWL=8.242, BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lcr2DxmqQBrr for ; Sat, 24 Jan 2009 08:02:46 -0800 (PST) Received: from 60-228-113-92.pool.ukrtel.net (63-241-113-92.pool.ukrtel.net [92.113.241.63]) by core3.amsl.com (Postfix) with SMTP id F3EFD28C2E3 for ; Sat, 24 Jan 2009 08:02:44 -0800 (PST) To: Subject: Message from InterScan Messaging Security Suite From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090124160244.F3EFD28C2E3@core3.amsl.com> Date: Sat, 24 Jan 2009 08:02:44 -0800 (PST)

Having trouble viewing this email? Click here to view as a webpage.

Best prices! Go to Our Site!

This email was sent to:

This email was sent by: Canadian Internet Services, Inc.
838 Taylor Road P.O. Box 1594


We respect your right to privacy - view our policy

Manage Subscriptions | Update Profile | One-Click Unsubscribe
From mail@anamaxinc.com Sat Jan 24 09:45:31 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 052DA28C2E5 for ; Sat, 24 Jan 2009 09:45:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -15.967 X-Spam-Level: X-Spam-Status: No, score=-15.967 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_DYNAMIC_SPLIT_IP=3.493, HELO_EQ_BR=0.955, HELO_EQ_DSL=1.129, HELO_EQ_IP_ADDR=1.119, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_NUMERIC_HELO=2.067, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6f4ohQM9KUt6 for ; Sat, 24 Jan 2009 09:45:30 -0800 (PST) Received: from 189.27.229.192.adsl.gvt.net.br (189.27.229.192.adsl.gvt.net.br [189.27.229.192]) by core3.amsl.com (Postfix) with SMTP id 43C6528C217 for ; Sat, 24 Jan 2009 09:45:28 -0800 (PST) To: Subject: PayPal - Email Handling Opinion Needed From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090124174529.43C6528C217@core3.amsl.com> Date: Sat, 24 Jan 2009 09:45:28 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.funintuition.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://funintuition.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 0, B547. 029 Clements Road. London. SE74 8DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From johnsonr@agriquality.com Sat Jan 24 12:45:49 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9B11328C0CE for ; Sat, 24 Jan 2009 12:45:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -24.283 X-Spam-Level: X-Spam-Status: No, score=-24.283 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1uLImB63mgEK for ; Sat, 24 Jan 2009 12:45:48 -0800 (PST) Received: from 5acf173c.bb.sky.com (5acf173c.bb.sky.com [90.207.23.60]) by core3.amsl.com (Postfix) with SMTP id EB32C28B797 for ; Sat, 24 Jan 2009 12:45:46 -0800 (PST) To: Subject: Re: Message from President From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090124204547.EB32C28B797@core3.amsl.com> Date: Sat, 24 Jan 2009 12:45:46 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.oppositereciprocity.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://oppositereciprocity.com/faq.php

Privacy Statement | Terms & Conditions | Contact

BRANDKEYWORD Ltd.
Tower Bridge Business Complex. Unit 9, B704. 783 Clements Road. London. SE70 4DG

© 2006-2008 BRANDKEYWORD, Ltd. All Rights Reserved

From muckily@amexinc.com Sun Jan 25 04:56:15 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EA6583A6A68 for ; Sun, 25 Jan 2009 04:56:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -47.095 X-Spam-Level: X-Spam-Status: No, score=-47.095 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_28=1.561, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EU7tUl2LXtF5 for ; Sun, 25 Jan 2009 04:56:15 -0800 (PST) Received: from agrosuper.com (unknown [85.98.151.182]) by core3.amsl.com (Postfix) with SMTP id DB0E33A682F for ; Sun, 25 Jan 2009 04:56:13 -0800 (PST) To: Subject: Mail could not be delivered From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090125125613.DB0E33A682F@core3.amsl.com> Date: Sun, 25 Jan 2009 04:56:13 -0800 (PST)

Having trouble viewing this email? Click here to view as a webpage.

Best prices! Go to Our Site!

This email was sent to:

This email was sent by: Canadian Internet Services, Inc.
5149 W. Abram St. City, Arlington


We respect your right to privacy - view our policy

Manage Subscriptions | Update Profile | One-Click Unsubscribe
From john@enviroplas.net.au Sun Jan 25 07:55:05 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7041C28C17B; Sun, 25 Jan 2009 07:55:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -87.426 X-Spam-Level: X-Spam-Status: No, score=-87.426 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, HELO_MISMATCH_COM=0.553, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4TY9pZJUaaQI; Sun, 25 Jan 2009 07:55:01 -0800 (PST) Received: from 212-95-32-105.internetserviceteam.com (air2.rix.ftb.lv [159.148.61.232]) by core3.amsl.com (Postfix) with SMTP id D28A228C179; Sun, 25 Jan 2009 07:54:48 -0800 (PST) X-Originating-IP: 220.72.13.16 by smtp.212.95.32.105; Sun, 25 Jan 2009 14:52:30 -0100 Message-ID: Subject: Why get an original watch? Date: Sun, 25 Jan 2009 10:54:30 -0500 From: "Young Hagen" To: "Pedro Stratton" Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Pedro, Looking for a Longines? How about getting two, one for you and one for your spouse? http://search.yahoo.com/search?y=Search&p=wallmast%2ecom&fr=sfp&ei=UTF-8 (please click on the link after "Go directly to ") With top notch customer service and super warranty, we stand behind our watches. http://search.yahoo.com/search?y=Search&p=wallmast%2ecom&fr=sfp&ei=UTF-8 (please click on the link after "Go directly to ") Our Longines watches have perfect weight and feel same as orginal. Sincerely, Mr Stratton From mechemnn@allied-brokers.com Sun Jan 25 10:38:59 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C634E3A6836 for ; Sun, 25 Jan 2009 10:38:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -39.775 X-Spam-Level: X-Spam-Status: No, score=-39.775 tagged_above=-999 required=5 tests=[BAYES_99=3.5, HELO_EQ_DSL=1.129, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BAveTrarL2eF for ; Sun, 25 Jan 2009 10:38:58 -0800 (PST) Received: from aafb17.neoplus.adsl.tpnet.pl (aafb17.neoplus.adsl.tpnet.pl [83.4.131.17]) by core3.amsl.com (Postfix) with SMTP id 408CC3A6805 for ; Sun, 25 Jan 2009 10:38:55 -0800 (PST) To: Subject: Message from InterScan Messaging Security Suite From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090125183856.408CC3A6805@core3.amsl.com> Date: Sun, 25 Jan 2009 10:38:55 -0800 (PST)

Having trouble viewing this email? Click here to view as a webpage.

Best prices! Go to Our Site!

This email was sent to:

This email was sent by: Canadian Internet Services, Inc.
1641 Amphitheatre Parkway, Mountain View, CA, 80537, USA.


We respect your right to privacy - view our policy

Manage Subscriptions | Update Profile | One-Click Unsubscribe
From mke.elliott@anarchie-online.net Sun Jan 25 21:46:22 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 069813A682B for ; Sun, 25 Jan 2009 21:46:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -23.204 X-Spam-Level: X-Spam-Status: No, score=-23.204 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HELO_MISMATCH_NET=0.611, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iY3M-+YyR+ZW for ; Sun, 25 Jan 2009 21:46:21 -0800 (PST) Received: from afjrotc.net (unknown [189.78.116.63]) by core3.amsl.com (Postfix) with SMTP id E4EB33A67F7 for ; Sun, 25 Jan 2009 21:46:18 -0800 (PST) To: Subject: Welcome to eBay! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090126054619.E4EB33A67F7@core3.amsl.com> Date: Sun, 25 Jan 2009 21:46:18 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.healthleast.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://healthleast.com/faq.php

Privacy Statement | Terms & Conditions | Contact

ALFAWORD Ltd.
Tower Bridge Business Complex. Unit 8, B540. 266 Clements Road. London. SE12 4DG

© 2006-2008 ALFAWORD, Ltd. All Rights Reserved

From lardao@aaxes.com Mon Jan 26 03:06:40 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 296883A6A36 for ; Mon, 26 Jan 2009 03:06:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.407 X-Spam-Level: X-Spam-Status: No, score=-7.407 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_PACBELL_D=3.944, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_DHCP=1.398, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DSL=1.129, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fpK7mTo7RCqi for ; Mon, 26 Jan 2009 03:06:37 -0800 (PST) Received: from adsl-69-109-157-40.dsl.sndg02.pacbell.net (adsl-69-109-157-40.dsl.sndg02.pacbell.net [69.109.157.40]) by core3.amsl.com (Postfix) with SMTP id 9B26A3A6A2A for ; Mon, 26 Jan 2009 03:06:35 -0800 (PST) To: Subject: You've received an answer to your question From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090126110636.9B26A3A6A2A@core3.amsl.com> Date: Mon, 26 Jan 2009 03:06:35 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.reciprocityshow.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://reciprocityshow.com/faq.php

Privacy Statement | Terms & Conditions | Contact

ALFAWORD Ltd.
Tower Bridge Business Complex. Unit 8, B751. 507 Clements Road. London. SE72 5DG

© 2006-2008 ALFAWORD, Ltd. All Rights Reserved

From nowmag@allstream.net Mon Jan 26 06:34:29 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BE9523A6A07 for ; Mon, 26 Jan 2009 06:34:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.391 X-Spam-Level: X-Spam-Status: No, score=-14.391 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dej5aZ+i1GRX for ; Mon, 26 Jan 2009 06:34:28 -0800 (PST) Received: from host78-183-static.107-82-b.business.telecomitalia.it (host78-183-static.107-82-b.business.telecomitalia.it [82.107.183.78]) by core3.amsl.com (Postfix) with SMTP id 49FFC3A6874 for ; Mon, 26 Jan 2009 06:34:25 -0800 (PST) To: Subject: Receipt for Your Payment From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090126143427.49FFC3A6874@core3.amsl.com> Date: Mon, 26 Jan 2009 06:34:25 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.scaleintegrity.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://scaleintegrity.com/faq.php

Privacy Statement | Terms & Conditions | Contact

ALFAWORD Ltd.
Tower Bridge Business Complex. Unit 8, B015. 821 Clements Road. London. SE68 4DG

© 2006-2008 ALFAWORD, Ltd. All Rights Reserved

From kenneth@abbottexcellence.com Mon Jan 26 13:27:09 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ED1AC3A69F1 for ; Mon, 26 Jan 2009 13:27:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 2.863 X-Spam-Level: ** X-Spam-Status: No, score=2.863 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DNS_FROM_OPENWHOIS=1.13, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, GB_I_LETTER=-2, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_DSL=1.129, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7jqYafDZ4miv for ; Mon, 26 Jan 2009 13:27:09 -0800 (PST) Received: from 227-179-222-201.adsl.terra.cl (227-179-222-201.adsl.terra.cl [201.222.179.227]) by core3.amsl.com (Postfix) with SMTP id 5C42A3A6814 for ; Mon, 26 Jan 2009 13:27:06 -0800 (PST) To: Subject: You've received an answer to your question From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090126212707.5C42A3A6814@core3.amsl.com> Date: Mon, 26 Jan 2009 13:27:06 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.achievementhot.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://achievementhot.com/faq.php

Privacy Statement | Terms & Conditions | Contact

ALFAWORD Ltd.
Tower Bridge Business Complex. Unit 1, B564. 228 Clements Road. London. SE49 4DG

© 2006-2008 ALFAWORD, Ltd. All Rights Reserved

From pana-bounces@ietf.org Tue Jan 27 01:35:38 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 84C853A6BC1; Tue, 27 Jan 2009 01:35:38 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7968F3A6BC1 for ; Tue, 27 Jan 2009 01:35:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.172 X-Spam-Level: X-Spam-Status: No, score=-0.172 tagged_above=-999 required=5 tests=[AWL=-0.511, BAYES_05=-1.11, MSGID_MULTIPLE_AT=1.449] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L47MXgEyNOpz for ; Tue, 27 Jan 2009 01:35:36 -0800 (PST) Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by core3.amsl.com (Postfix) with ESMTP id A366E3A6BC6 for ; Tue, 27 Jan 2009 01:35:36 -0800 (PST) Received: from LENOVO (dsl88-247-34762.ttnet.net.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis) id 0MKpCa-1LRkLf2FX7-0007ZQ; Tue, 27 Jan 2009 04:35:17 -0500 From: "Alper Yegin" To: "'Yoshihiro Ohba'" References: <20090119231257.GI14492@steelhead.localdomain> In-Reply-To: <20090119231257.GI14492@steelhead.localdomain> Date: Tue, 27 Jan 2009 11:34:50 +0200 Message-ID: <053601c98062$87f12d10$97d38730$@yegin@yegin.org> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: Acl6nOMUHlZVhV1iR0m5d8kua26w3wFxJHfw Content-Language: en-us X-Provags-ID: V01U2FsdGVkX18GM69kFTBP03h35NCW9N4m+pNp0YximVm33eD Lw+vyiVBQIcONVEVOK+SO872x2P2hXKmaj4/6ECuY2cu71VmCK 7ITE8iU1IBbbteADKOcaQ== Cc: pana@ietf.org, 'Basavaraj Patil' Subject: Re: [Pana] WG LC: Pre-authentication Support for PANA X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Yoshi, > > - Since the mechanism described in this document is designed to > work > > across multiple access networks, each EP in the serving network > > SHOULD be configured to allow PANA messages to be forwarded > between a > > PaC and a CPAA only if the PaC has a post-authorization SA with > the > > SPAA in order to avoid an unauthorized PaC to initiate pre- > > authentication. > > > > Not sure why we have to say anything like that. PANA pre-auth is just > UDP. > > Unless the serving network "intends to block" pre-auth, it would not > be > > preventing pre-auth. > > > > An EP should allow PANA messages from unauthorized only if they are > destined > > to SPAA. > > So, it should not blindly allow PANA messages. They may not only > allow > > pre-authentication (not that harmful), but they may even piggyback > some data > > to punch a hole through EP. I guess this is what the spec intends to > talk > > about, but it was not that clear to me from reading it. > > > I agree. How about revising the paragraph as follows? > > " > Since the mechanism described in this document is designed to work > across multiple access networks, each EP in the serving network > SHOULD allow PANA messages originated from unauthorized PaCs to be > forwarded only if they are destined to SPAA. I now think we don't even need to say this. The above paragraph is related to the serving access network and it has nothing to do with "pre-auth" operation. It may not even be a PANA-enabled network. It may not even have access authentication. I'd remove this part. > Also, each access > network that supports pre-authentication SHOULD block > pre-authentication attempts from networks from which a handover is > not likely to occur. This makes sense. Alper _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 27 01:53:31 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A51C13A6BC1; Tue, 27 Jan 2009 01:53:31 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AB4E23A6B9C for ; Tue, 27 Jan 2009 01:53:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.317 X-Spam-Level: X-Spam-Status: No, score=0.317 tagged_above=-999 required=5 tests=[AWL=-0.947, BAYES_40=-0.185, MSGID_MULTIPLE_AT=1.449] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L8GdD60no8ya for ; Tue, 27 Jan 2009 01:53:30 -0800 (PST) Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by core3.amsl.com (Postfix) with ESMTP id EC1343A6A96 for ; Tue, 27 Jan 2009 01:53:29 -0800 (PST) Received: from LENOVO (dsl88-247-34762.ttnet.net.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis) id 0MKp8S-1LRkd00KYa-000Ssh; Tue, 27 Jan 2009 04:53:10 -0500 From: "Alper Yegin" To: "'Yoshihiro Ohba'" , "'Subir Das'" References: <4978A094.5080903@research.telcordia.com> <20090122143926.GA8050@steelhead.localdomain> In-Reply-To: <20090122143926.GA8050@steelhead.localdomain> Date: Tue, 27 Jan 2009 11:52:55 +0200 Message-ID: <054901c98065$0b3c1930$21b44b90$@yegin@yegin.org> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: Acl8wprWfwJCpoKTRd2MqX3kR3AZxgDojJ/g Content-Language: en-us X-Provags-ID: V01U2FsdGVkX1/NcgNuJxWT+TiCmOqMrNupWBpNQMLji/BlL62 OH1GrWcIG2oHGSJh1kutQopfahcCQq9a7Tg/zalJqK5qbJ9qHv 9/IvuBmShyAN4SHMaRgxg== Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org > > How does access network will know that handover is not likely to > occur? *** > > > > For example, handover is not likely to happen between an access network > in Tokyo > and an access network in NYC. I think what we really want to imply is that a given access network may be configured to allow/disallow pre-authentication from a set of access networks. "likeliness", "pre-configuration", etc. are all left to deployments... Alper _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Tue Jan 27 11:54:26 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8E44928C173; Tue, 27 Jan 2009 11:54:26 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 02DE328C193 for ; Tue, 27 Jan 2009 11:54:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.511 X-Spam-Level: X-Spam-Status: No, score=-2.511 tagged_above=-999 required=5 tests=[AWL=0.088, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NePwBrWcwtxx for ; Tue, 27 Jan 2009 11:54:23 -0800 (PST) Received: from toshi17.tari.toshiba.com (unknown [IPv6:2001:418:1403:0:212:17ff:fe52:7811]) by core3.amsl.com (Postfix) with ESMTP id 40C413A69B7 for ; Tue, 27 Jan 2009 11:54:23 -0800 (PST) Received: from steelhead.localdomain (tarij-62.tari.toshiba.com [172.30.24.110]) by toshi17.tari.toshiba.com (8.13.1/8.13.1) with ESMTP id n0RJosuc088177; Tue, 27 Jan 2009 14:50:54 -0500 (EST) (envelope-from yohba@tari.toshiba.com) Received: from ohba by steelhead.localdomain with local (Exim 4.69) (envelope-from ) id 1LRu0T-0005DC-6C; Tue, 27 Jan 2009 14:53:57 -0500 Date: Tue, 27 Jan 2009 14:53:57 -0500 From: Yoshihiro Ohba To: pana@ietf.org Message-ID: <20090127195357.GI17346@steelhead.localdomain> MIME-Version: 1.0 User-Agent: Mutt/1.5.18 (2008-05-17) Subject: [Pana] [FW: Re: Review of draft-ietf-pana-preauth-04.txt] X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1040683793==" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org --===============1040683793== Content-Disposition: inline Content-Type: text/plain; charset="iso-2022-jp" Let me forward my response to Lionel as the response stored in the ML archive is empty... Yoshihiro Ohba ----- Forwarded message from Yoshihiro Ohba ----- From: Yoshihiro Ohba To: lionel.morand@orange-ftgroup.com Cc: pana@ietf.org Subject: Re: [Pana] Review of draft-ietf-pana-preauth-04.txt User-Agent: Mutt/1.5.18 (2008-05-17) X-UIDL: aH^"!X>*"!JY0!!m&K!! Hi Lionel, Thank you very much for your review. Please see my comments below. On Tue, Jan 20, 2009 at 08:17:17PM +0100, lionel.morand@orange-ftgroup.com wrote: > Hi All, > > Here is my review of the draft. > I'm sorry but I haven't read yet the current exchange on this topic on the mailing list. > Therefore, most of my comments are maybe already covered by previous reviews. > > BR, > > Lionel > > *********************************** > > General comment: > > The document is quite in a good shape but some key points should clarify in order to understand the purpose of this document. > > *********************************** > > Abstract > > This document defines an extension to the Protocol for carrying > Authentication for Network Access (PANA) for proactively establishing > a PANA SA (Security Association) between a PaC in one access network > and a PAA in another access network to which the PaC may move. The > proposed method operates across multiple administrative domains. > > [LM] I would avoid the use of too many acronyms in the abstract. > Proposed change: > > "This document defines an extension to the Protocol for carrying > Authentication for Network Access (PANA) for proactively establishing > a PANA scurity association between a PANA Client in one access network > and a PANA Authentication Agent in another access network to which the > PANA Client may move. The proposed method operates across multiple > administrative domains." I agree. > > > 1. Introduction > > The Protocol for carrying Authentication for Network Access (PANA) > [RFC5191] carries EAP messages between a PaC (PANA Client) and a PAA > (PANA Authentication Agent) in the access network. If the PaC is a > mobile device and is capable of moving one access network to another > while running its applications, it is critical for the PaC to perform > a handover seamlessly without degrading the performance of the > applications during the handover period. When the handover requires > the PaC to establish a PANA session with the PAA in the new access > network, the signaling to establish the PANA session should be > completed as fast as possible. > > This document defines an extension to the PANA protocol [RFC5191] > used for proactively executing EAP authentication and establishing a > PANA SA (Security Association) between a PaC in an access network and > a PAA in another access network to which the PaC may move. The > proposed method operates across multiple AAA domains. The extension > to the PANA protocol is designed to realize direct pre-authentication > defined in [I-D.ietf-hokey-preauth-ps]. > > [LM] the multiple AAA domains case is not described in the document. We can delete the sentence "The proposed method operates across multiple AAA domains." > > > 2. Terminogy > > The following terms are used in this document in addition to the > terms defined in [RFC5191]. > > Serving PAA (SPAA): A PAA that resides in the serving network and > provides network access authentication for a particular PaC. For > simplicity, this document assumes that there is only one SPAA in > the serving network while the pre-authentication mechanism > described in this document is generally applicable to the case > where there are two or more SPAAs in the serving network. > > Candidate PAA (CPAA): A PAA that resides in a candidate network to > which the PaC may move. A CPAA for a particular PaC may be a SPAA > for another PaC. > > [LM] as you said, SPAA and CPAA are not tight to the notion of network but to the relationship with the PaC. > Why do not simply define SPAA as the current PAA having an PANA SA with the PaC and the CPAA as the new PAA with which an SA needs to be established? That is because even after a PANA SA is established with the CPAA, the PaC may hold the SA without moving to the access network of the CPAA, and the CPAA with the established PANA SA still needs to be distinguished from the SPAA. > > > Pre-authentication: Pre-authentication refers to EAP pre- > authentication and defined as the utilization of EAP to pre- > establish EAP keying material on an authenticator prior to arrival > of the peer at the access network served by that authenticator > [I-D.ietf-hokey-preauth-ps]. In this draft, EAP pre- > authentication is performed between a PaC and a CPAA. > > Pre-authorization: An authorization for a PaC, made by a CPAA for > the PaC at the time of pre-authentication. > > Post-authorization: An authorization for a PaC, made by a CPAA for > the PaC when the CPAA becomes the SPAA for the PaC. > > Pre-authorization SA: A PANA SA established between a PaC and its > CPAA. > > [LM] Why do not use Pre-PANA SA in that case? But see my comment below about Pre-/Post-PANA SA > > Post-authorization SA: A PANA SA established between the PaC and its > SPAA. > > [LM] Why do not use Post-PANA SA in that case? But see my comment below about Pre-/Post-PANA SA Please see my comment below. > > > 3. Pre-authentication Procedure > > A PaC that supports pre-authentication may establish a PANA session > for each CPAA. > > There may be several mechanisms for a PaC and a CPAA to discover each > other. However, such mechanisms are out of the scope of this > document. > > [LM] If possible, it would be maybe useful to provide at least one non-normative example for illustration. I am afraid if we described non-normative text for out-of-scope things, then people may say delete it. > > There may be a number of criteria for CPAA selection, the timing to > start pre-authentication and the timing to make a pre-authorization > SA a post-authorization SA (and hence the CPAA becomes the SPAA). > Such criteria can be implementation specific and thus are outside the > scope of this document. > > Pre-authentication may be initiated by both a PaC and a CPAA. A new > 'E' (prE-authentication) bit is defined in the PANA header. When > pre-authentication is performed, the 'E' (prE-authentication) bit of > PANA messages are set in order to indicate whether this PANA run is > for pre-authentication. Use of pre-authentication is negotiated as > follows. > > o When a PaC initiates pre-authentication, it sends a PANA-Client- > Initiation (PCI) message with the 'E' (prE-authentication) bit > set. The PCI message MUST be unicast. The CPAA responds with a > PANA-Auth-Request (PAR) message with the 'S' (Start) and 'E' (prE- > authentication) bits set only if it supports pre-authentication. > Otherwise, it MUST silently discard the message. > > [LM] The PCI message MUST be unicast to the CPAA. Alper had a comment to delete "The PCI message MUST be unicast." > > o When a CPAA initiates pre-authentication, it sends a PAR message > with the 'S' (Start) and 'E' (prE-authentication) bits set. The > PaC responds with a PANA-Auth-Answer (PAN) message with the 'S' > (Start) and 'E' (prE-authentication) bits set only if it supports > pre-authentication. Otherwise, it MUST silently discard the > message. > > [LM] I assume that the PAR is unicast to the PaC... Yes. > > o Once the PaC and CPAA have agreed on performing pre-authentication > using the 'S' (Start) and 'E' (prE-authentication) bits, the > subsequent PANA messages exchanged between them MUST have the 'E' > (prE-authentication) bit set. > > [LM] It could be useful to add here that this procedure can be performed with several CPAAs. I agree. > [LM] it could be also useful to say that the rest of the PANA exchange if for establishing the pre-PANA SA. I agree. > [LM] Is it assumed that the pre-PANA SA is established as new basic PANA SA? Basically, it would imply that the PaC is handling simultaneous PANA SA binding. and there is no pre- and Post-PANA SA, only multiple PANA SAs with several PAA. Both should be clarified in the procedure description. I agree. Basically this issue is the same as the one Alper and Rafa raised. We are trying to address the issue by replacing pre-authorization SA and post-authorization SA with pre-authorization state and post-authorization state, respectively. > > When a CPAA with which the PaC has a pre-authorization SA becomes the > SPAA due to, e.g., movement of the PaC, the PaC performs an IP > address update procedure defined in Section 5.6 of [RFC5191] in order > to update the SPAA with the PaC's new address obtained from the new > serving network. PANA-Notification-Request (PNR) and PANA- > Notification-Answer (PNA) messages with 'P' (Ping) bit set are used > for this purpose. The completion of the IP address update procedure > will change the pre-authorization SA to a post-authorization SA. In > this case, the 'E' MUST NOT be set in the PNR and PNA messages and > subsequent PANA messages. > > [Skip] > > > 4. PANA Extensions > > A new 'E' (prE-authentication) bit is defined in Flags field of PANA > header as follows. > > 0 1 > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > |R S C A P I E r r r r r r r r r| > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > > E(PrE-authentication) When pre-authentication is performed, the 'E' > (prE-authentication) bit of PANA messages are set in order to > indicate whether this PANA run is for establishing a pre- > authorization SA. The exact usage of this bit is described in > Section 3. This bit is to be assigned by IANA. > > [LM] Even if everything is described in the section 3, it could also useful to add a specific section describing backward compatibility handling. We can certainly add a new section on backward compatibility handling. > > > 5. Authorization and Accounting Considerations > > A pre-authorization and a post-authorization for the PaC may have > different authorization policies. For example, the pre-authorization > policy may not allow the PaC to sent or receive packets through an > > [LM] s/sent/send OK. > > Enforcement Point (EP) that is under control of the CPAA, while both > the pre-authorization and post-authorization policies may allow > installing credentials to the EP, where the credentials are used for > establishing a security association for per-packet cryptographic > filtering. > > In an access network where accounting is performed, accounting starts > when the pre-authorization SA becomes the post-authorization SA by > default. Depending on the pre-authorization policy, accounting may > start immediately after the pre-authorization SA is established. > > > 6. Security Considerations > > Since the mechanism described in this document is designed to work > across multiple access networks, each EP in the serving network > SHOULD be configured to allow PANA messages to be forwarded between a > PaC and a CPAA only if the PaC has a post-authorization SA with the > SPAA in order to avoid an unauthorized PaC to initiate pre- > authentication. Also, each access network that supports pre- > authentication SHOULD block pre-authentication attempts from networks > from which a handover is not likely to occur. > > [LM] If you have multiple networks between the PaC and the CPAA, how do know that you have to block this request? Maybe this question on blocking requests from external networks shoul be out of scope as well. This issue was also raised by Alper and Rafa, and revised text has been proposed in response to Alper's email. Thank you, Yoshihiro Ohba ----- End forwarded message ----- _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana --===============1040683793== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana --===============1040683793==-- From kevin.armstrong@ah.tvh.ca Wed Jan 28 01:42:53 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B644028C100 for ; Wed, 28 Jan 2009 01:42:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -12.474 X-Spam-Level: X-Spam-Status: No, score=-12.474 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_EQ_FR=0.35, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HIZkODnqrp6S for ; Wed, 28 Jan 2009 01:42:50 -0800 (PST) Received: from agenatramp.fr (unknown [81.214.70.77]) by core3.amsl.com (Postfix) with SMTP id 7892128C0CF for ; Wed, 28 Jan 2009 01:42:49 -0800 (PST) To: Subject: MAILER-DAEMON From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090128094249.7892128C0CF@core3.amsl.com> Date: Wed, 28 Jan 2009 01:42:49 -0800 (PST)
Tell a friend · Download latest version See this email as a webpage

Hello pana-archive

Shipped Privately And Discreetly To Your Door!
See this email as a webpage
  We want to put a great big grin on your face in 2009. You'll be to rejoice all year.  

Unsubscribe · Lost Password · Account Settings · Help · Terms of Service · Privacy

© 2003-2009 SASI Limited. SASi Communications S.a.r.l., 22/24 Green St, Amsterdam L3973.

SASi, SASiIn, SASiOut, SASicasts, SASi Certified, SASiMe!, SASi Pro, SASiFind, SASi Prime, SASi To Go, associated logos and the ‘S’-symbol are trademarks of SASi Limited.
From ladonna.oakes@abbots.com.au Wed Jan 28 02:40:05 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 29B8F28C123 for ; Wed, 28 Jan 2009 02:40:04 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -13.268 X-Spam-Level: X-Spam-Status: No, score=-13.268 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sWtSWcXYhYvy for ; Wed, 28 Jan 2009 02:40:01 -0800 (PST) Received: from aischool.org (unknown [92.124.17.140]) by core3.amsl.com (Postfix) with SMTP id DA62128C115 for ; Wed, 28 Jan 2009 02:39:58 -0800 (PST) To: Subject: January 76% OFF From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090128103959.DA62128C115@core3.amsl.com> Date: Wed, 28 Jan 2009 02:39:58 -0800 (PST)
Tell a friend · Download latest version See this email as a webpage

Hello pana-archive

Shipped Privately And Discreetly To Your Door!
See this email as a webpage
  We want to put a great big grin on your face in 2009. You'll be to rejoice all year.  

Unsubscribe · Lost Password · Account Settings · Help · Terms of Service · Privacy

© 2003-2009 SASI Limited. SASi Communications S.a.r.l., 22/24 Green St, Amsterdam L9445.

SASi, SASiIn, SASiOut, SASicasts, SASi Certified, SASiMe!, SASi Pro, SASiFind, SASi Prime, SASi To Go, associated logos and the ‘S’-symbol are trademarks of SASi Limited.
From pana-bounces@ietf.org Wed Jan 28 11:23:07 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A14723A6C06; Wed, 28 Jan 2009 11:23:07 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BA98D3A6B9A; Wed, 28 Jan 2009 11:23:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CraCgXyJfgNR; Wed, 28 Jan 2009 11:23:04 -0800 (PST) Received: from mgw-mx09.nokia.com (smtp.nokia.com [192.100.105.134]) by core3.amsl.com (Postfix) with ESMTP id 5301D3A67DF; Wed, 28 Jan 2009 11:23:04 -0800 (PST) Received: from vaebh105.NOE.Nokia.com (vaebh105.europe.nokia.com [10.160.244.31]) by mgw-mx09.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id n0SJJ1xG004724; Wed, 28 Jan 2009 13:22:43 -0600 Received: from esebh102.NOE.Nokia.com ([172.21.138.183]) by vaebh105.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 28 Jan 2009 21:20:07 +0200 Received: from smtp.mgd.nokia.com ([65.54.30.8]) by esebh102.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Wed, 28 Jan 2009 21:20:00 +0200 Received: from NOK-EUMSG-03.mgdnok.nokia.com ([65.54.30.108]) by nok-am1mhub-04.mgdnok.nokia.com ([65.54.30.8]) with mapi; Wed, 28 Jan 2009 20:19:59 +0100 From: To: , Date: Wed, 28 Jan 2009 20:20:11 +0100 Thread-Topic: Request to progress I-D: draft-ietf-pana-statemachine-09.txt as informational RFC Thread-Index: AcmBfXAyKqcyth7t1USduuQkr9WspQ== Message-ID: Accept-Language: en-US Content-Language: en X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US MIME-Version: 1.0 X-OriginalArrivalTime: 28 Jan 2009 19:20:00.0811 (UTC) FILETIME=[6A1F6FB0:01C9817D] X-Nokia-AV: Clean Cc: Basavaraj.Patil@nokia.com, pana@ietf.org Subject: [Pana] Request to progress I-D: draft-ietf-pana-statemachine-09.txt as informational RFC X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Hi Jari, The PANA state machine I-D is now ready for being progressed towards publication as an Informational RFC. It has completed WG LC and has been reviewed and revised. Below is the shepherd writeup for the same. -Basavaraj (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? Document Shepherd: Basavaraj Patil. I have reviewed this version of the I-D and believe it is ready to be forwarded to the IESG for publication. (1.b) Has the document had adequate review both from key WG members and from key non-WG members? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? The document has been reviewed adequately by WG members and non-WG members. I do not have any concerns about the breadth of depth of the reviews that have been performed. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization, or XML? No. The document has been adequately reviewed. No further reviews are necessary. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. Has an IPR disclosure related to this document been filed? If so, please include a reference to the disclosure and summarize the WG discussion and conclusion on this issue. No specific concerns/issues with the document exist. This document is intended to be pulished as an Informational RFC and it is primarily targeted at implementers of PANA protocol to better understand the state machine. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? Two WG last calls have been run. The WG is solidly in support of this document. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarize the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) No threats of appeals have been made. Nor is there any discontent among any of the WG members and participants. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See http://www.ietf.org/ID-Checklist.html and http://tools.ietf.org/tools/idnits/.) Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type, and URI type reviews? If the document does not already indicate its intended status at the top of the first page, please indicate the intended status here. Yes. Output of the IDnits tool: Summary: 0 errors (**), 4 warnings (==), 0 comments (--). (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. Yes. The references are split into normative and informative ones. No open-ended references exist. (1.i) Has the Document Shepherd verified that the document's IANA Considerations section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggest a reasonable name for the new registry? See [RFC2434]. If the document describes an Expert Review process, has the Document Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during IESG Evaluation? The document does have an IANA considerations section. The document does not specify any IANA actions. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? Document does not use any XML code or BNF rules etc. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary This document defines the state machines for Protocol Carrying Authentication for Network Access (PANA) [RFC5191]. There are state machines for the PANA client (PaC) and for the PANA Authentication Agent (PAA). Each state machine is specified through a set of variables, procedures and a state transition table. Working Group Summary The WG has reviewed this document at length. It has also been presented and discussed at several WG meetings. Two WG last calls have also been run on it. The WG is satisfied with the quality of the document and there is consensus on publishing it. Document Quality Implemenations of PANA protocol itself exist. This I-D is intended to be published as an Informational RFC. It captures the state machine of the PANA protocol. The quality of the document is satisfactory. Personnel Who is the Document Shepherd for this document? Who is the Responsible Area Director? If the document requires IANA experts(s), insert 'The IANA Expert(s) for the registries in this document are .' Document shepherd: Basavaraj Patil Responsible AD: Jari Arkko No IANA experts are needed since it does not specify any IANA actions. _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From pana-bounces@ietf.org Wed Jan 28 12:03:19 2009 Return-Path: X-Original-To: pana-archive@megatron.ietf.org Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 606D128C12C; Wed, 28 Jan 2009 12:03:19 -0800 (PST) X-Original-To: pana@core3.amsl.com Delivered-To: pana@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C9CF928C10F for ; Wed, 28 Jan 2009 12:03:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.553 X-Spam-Level: X-Spam-Status: No, score=-2.553 tagged_above=-999 required=5 tests=[AWL=0.046, BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QUPze0jtWhW4 for ; Wed, 28 Jan 2009 12:03:16 -0800 (PST) Received: from smtp.piuha.net (p130.piuha.net [IPv6:2001:14b8:400::130]) by core3.amsl.com (Postfix) with ESMTP id E39FB28C111 for ; Wed, 28 Jan 2009 12:03:15 -0800 (PST) Received: from smtp.piuha.net (localhost [127.0.0.1]) by smtp.piuha.net (Postfix) with ESMTP id 05BF819865D; Wed, 28 Jan 2009 22:02:57 +0200 (EET) Received: from [127.0.0.1] (unknown [IPv6:2001:14b8:400::130]) by smtp.piuha.net (Postfix) with ESMTP id 779AB19872A; Wed, 28 Jan 2009 22:02:56 +0200 (EET) Message-ID: <4980B9AE.5050905@piuha.net> Date: Wed, 28 Jan 2009 22:01:50 +0200 From: Jari Arkko User-Agent: Thunderbird 2.0.0.19 (X11/20090105) MIME-Version: 1.0 To: Basavaraj.Patil@nokia.com References: In-Reply-To: X-Virus-Scanned: ClamAV using ClamSMTP Cc: pana@ietf.org Subject: Re: [Pana] Request to progress I-D: draft-ietf-pana-statemachine-09.txt as informational RFC X-BeenThere: pana@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Protocol for carrying Authentication for Network Access List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: pana-bounces@ietf.org Errors-To: pana-bounces@ietf.org Thanks. Its now on my queue. I will read it, but probably after the BOF decisions which have to be taken next week. Jari Basavaraj.Patil@nokia.com wrote: > Hi Jari, > > The PANA state machine I-D is now > ready for being progressed towards > publication as an Informational RFC. It has completed WG LC and has > been reviewed and revised. Below is the shepherd writeup for the same. > > -Basavaraj > > > (1.a) Who is the Document Shepherd for this document? Has the > Document Shepherd personally reviewed this version of the > document and, in particular, does he or she believe this > version is ready for forwarding to the IESG for publication? > > Document Shepherd: Basavaraj Patil. > I have reviewed this version of the I-D and believe it is ready to be > forwarded to the IESG for publication. > > > (1.b) Has the document had adequate review both from key WG members > and from key non-WG members? Does the Document Shepherd have > any concerns about the depth or breadth of the reviews that > have been performed? > > The document has been reviewed adequately by WG members and non-WG > members. I do not have any concerns about the breadth of depth of the > reviews that have been performed. > > > (1.c) Does the Document Shepherd have concerns that the document > needs more review from a particular or broader perspective, > e.g., security, operational complexity, someone familiar with > AAA, internationalization, or XML? > > No. The document has been adequately reviewed. No further reviews are > necessary. > > > (1.d) Does the Document Shepherd have any specific concerns or > issues with this document that the Responsible Area Director > and/or the IESG should be aware of? For example, perhaps he > or she is uncomfortable with certain parts of the document, or > has concerns whether there really is a need for it. In any > event, if the WG has discussed those issues and has indicated > that it still wishes to advance the document, detail those > concerns here. Has an IPR disclosure related to this document > been filed? If so, please include a reference to the > disclosure and summarize the WG discussion and conclusion on > this issue. > > No specific concerns/issues with the document exist. This document is > intended to be pulished as an Informational RFC and it is primarily > targeted at implementers of PANA protocol to better understand the > state machine. > > (1.e) How solid is the WG consensus behind this document? Does it > represent the strong concurrence of a few individuals, with > others being silent, or does the WG as a whole understand and > agree with it? > > Two WG last calls have been run. The WG is solidly in support of this > document. > > (1.f) Has anyone threatened an appeal or otherwise indicated extreme > discontent? If so, please summarize the areas of conflict in > separate email messages to the Responsible Area Director. (It > should be in a separate email because this questionnaire is > entered into the ID Tracker.) > > No threats of appeals have been made. Nor is there any discontent > among any of the WG members and participants. > > > (1.g) Has the Document Shepherd personally verified that the > document satisfies all ID nits? (See > http://www.ietf.org/ID-Checklist.html and > http://tools.ietf.org/tools/idnits/.) Boilerplate checks are > not enough; this check needs to be thorough. Has the document > met all formal review criteria it needs to, such as the MIB > Doctor, media type, and URI type reviews? If the document > does not already indicate its intended status at the top of > the first page, please indicate the intended status here. > > Yes. > Output of the IDnits tool: > Summary: 0 errors (**), 4 warnings (==), 0 comments (--). > > (1.h) Has the document split its references into normative and > informative? Are there normative references to documents that > are not ready for advancement or are otherwise in an unclear > state? If such normative references exist, what is the > strategy for their completion? Are there normative references > that are downward references, as described in [RFC3967]? If > so, list these downward references to support the Area > Director in the Last Call procedure for them [RFC3967]. > > Yes. The references are split into normative and informative ones. > No open-ended references exist. > > > (1.i) Has the Document Shepherd verified that the document's IANA > Considerations section exists and is consistent with the body > of the document? If the document specifies protocol > extensions, are reservations requested in appropriate IANA > registries? Are the IANA registries clearly identified? If > the document creates a new registry, does it define the > proposed initial contents of the registry and an allocation > procedure for future registrations? Does it suggest a > reasonable name for the new registry? See [RFC2434]. If the > document describes an Expert Review process, has the Document > Shepherd conferred with the Responsible Area Director so that > the IESG can appoint the needed Expert during IESG > Evaluation? > > The document does have an IANA considerations section. The document > does not specify any IANA actions. > > > (1.j) Has the Document Shepherd verified that sections of the > document that are written in a formal language, such as XML > code, BNF rules, MIB definitions, etc., validate correctly in > an automated checker? > > Document does not use any XML code or BNF rules etc. > > > (1.k) The IESG approval announcement includes a Document > Announcement Write-Up. Please provide such a Document > Announcement Write-Up. Recent examples can be found in the > "Action" announcements for approved documents. The approval > announcement contains the following sections: > > Technical Summary > This document defines the state machines for Protocol Carrying > Authentication for Network Access (PANA) [RFC5191]. There are state > machines for the PANA client (PaC) and for the PANA Authentication > Agent (PAA). Each state machine is specified through a set of > variables, procedures and a state transition table. > > Working Group Summary > > The WG has reviewed this document at length. It has also been > presented and discussed at several WG meetings. Two WG last calls have > also been run on it. The WG is satisfied with the quality of the > document and there is consensus on publishing it. > > Document Quality > Implemenations of PANA protocol itself exist. This I-D is intended to > be published as an Informational RFC. It captures the state machine of > the PANA protocol. The quality of the document is satisfactory. > > Personnel > Who is the Document Shepherd for this document? Who is the > Responsible Area Director? If the document requires IANA > experts(s), insert 'The IANA Expert(s) for the registries > in this document are .' > > Document shepherd: Basavaraj Patil > Responsible AD: Jari Arkko > > No IANA experts are needed since it does not specify any IANA actions. > > > > > _______________________________________________ Pana mailing list Pana@ietf.org https://www.ietf.org/mailman/listinfo/pana From cpardina@tornasolfilms.com Wed Jan 28 20:35:22 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F0AF3A68BC; Wed, 28 Jan 2009 20:35:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -48.026 X-Spam-Level: X-Spam-Status: No, score=-48.026 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_NET=0.611, HOST_EQ_BR=1.295, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q4ZAxgp31QaK; Wed, 28 Jan 2009 20:35:21 -0800 (PST) Received: from CUSTOMER.VPLS.NET (201.22.71.13.adsl.gvt.net.br [201.22.71.13]) by core3.amsl.com (Postfix) with SMTP id DF0C53A67D8; Wed, 28 Jan 2009 20:35:00 -0800 (PST) Message-ID: <2350Q8890.26321699nemo-owner@ietf.org> Date: Wed, 28 Jan 2009 23:34:35 -0500 From: "Elise Roper" To: "Emile Koch" Subject: 15% off on two watches Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Emile, If you've waited to get your Cartier watch, this is the right time to go for it. http://kriskfini.obxhost.net Take an extra 15% off your purchase during month of January (2009). http://kriskfini.obxhost.net Our Cartier watches have all appropriate markings, wordings and engravings same as orginal. Sincerely, Mr Koch From mudenison@allegro.com.au Thu Jan 29 06:51:22 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E26943A6B5F for ; Thu, 29 Jan 2009 06:51:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -22.732 X-Spam-Level: X-Spam-Status: No, score=-22.732 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, GB_I_LETTER=-2, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mlrcqKQTlOat for ; Thu, 29 Jan 2009 06:51:19 -0800 (PST) Received: from ajman.ac.ae (unknown [189.32.203.71]) by core3.amsl.com (Postfix) with SMTP id 2501A3A69B4 for ; Thu, 29 Jan 2009 06:51:16 -0800 (PST) To: Subject: Welcome to eBay! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090129145117.2501A3A69B4@core3.amsl.com> Date: Thu, 29 Jan 2009 06:51:16 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.valleyhot.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://valleyhot.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 8, B964. 091 Clements Road. London. SE20 9DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved

From ability@ability-group.com Thu Jan 29 08:59:30 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 00DBB3A68E1; Thu, 29 Jan 2009 08:59:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -59.551 X-Spam-Level: X-Spam-Status: No, score=-59.551 tagged_above=-999 required=5 tests=[BAYES_50=0.001, DNS_FROM_RFC_BOGUSMX=1.482, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_NET=0.611, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_PH_SURBL=1.787, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hnp7QCK8fQGU; Thu, 29 Jan 2009 08:59:29 -0800 (PST) Received: from CUSTOMER.VPLS.NET (200-127-136-149.dsl.prima.net.ar [200.127.136.149]) by core3.amsl.com (Postfix) with SMTP id DB8C03A68DB; Thu, 29 Jan 2009 08:59:11 -0800 (PST) Message-ID: <1572D945.44817257nemo-owner@ietf.org> Date: Thu, 29 Jan 2009 11:58:20 -0500 From: "Sanford Mills" To: "Kendrick Lay" Subject: Beautiful Emporio Armani watches for less Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Kendrick, Money is tight, times are hard. Christmas is over. Time to get a new Watch! http://jrsmithktanu.blackapplehost.com How does 90 percent off sound? Great, of course! And greatness is what awaits you at Prestige Reps, the preferred online store where you will find the finest watch imitations for exactly that: 90% off! http://jrsmithktanu.blackapplehost.com With so many watches that look and work like the real thing, I guarantee you'll have a delicious time finding yours at our store! Sincerely, Mr Lay From alicia@marconipue.com Thu Jan 29 09:10:34 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8E1553A68F7; Thu, 29 Jan 2009 09:10:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -50.4 X-Spam-Level: X-Spam-Status: No, score=-50.4 tagged_above=-999 required=5 tests=[BAYES_60=1, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Be+WFMKYp98E; Thu, 29 Jan 2009 09:10:33 -0800 (PST) Received: from CUSTOMER.VPLS.NET (unknown [201.232.30.42]) by core3.amsl.com (Postfix) with SMTP id 3223128C0DB; Thu, 29 Jan 2009 09:10:19 -0800 (PST) Message-ID: <630W663.34559500nemo-owner@ietf.org> Date: Thu, 29 Jan 2009 12:09:54 -0500 From: "Kristi Riddle" To: "Vince Patel" Subject: Inexpensive Chopard watches Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Vince, Loving yourself is the first step in loving life. And what better way to do it, than by getting yourself a fine designer watch? http://mgarwowoxu.freeservercity.com The watch of your dreams doesn't have to be an overpriced piece of machinery. Nowadays you can get the same functionality and distinctive looks from the next best thing. Visit Prestige Reps and choose from hundreds of gorgeous models at less than ten percent the price of an original. http://mgarwowoxu.freeservercity.com Only Prestige Reps offers you unsurpassed quality and award-winning customer service. So, what are you waiting for? Sincerely, Mr Patel From mccluskeycu@alphasystems.com Thu Jan 29 19:27:34 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8D7383A687F for ; Thu, 29 Jan 2009 19:27:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -21.128 X-Spam-Level: X-Spam-Status: No, score=-21.128 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, TVD_SPACE_RATIO=2.219, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eEb5qz365mZf for ; Thu, 29 Jan 2009 19:27:34 -0800 (PST) Received: from ppp-58-10-228-83.revip2.asianet.co.th (ppp-58-10-228-83.revip2.asianet.co.th [58.10.228.83]) by core3.amsl.com (Postfix) with SMTP id 52A5D3A6878 for ; Thu, 29 Jan 2009 19:27:28 -0800 (PST) To: Subject: RE: Message From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090130032730.52A5D3A6878@core3.amsl.com> Date: Thu, 29 Jan 2009 19:27:28 -0800 (PST) Having trouble viewing this email? Click here to view as a webpage. From customerservice@readingglasses.com Thu Jan 29 21:10:49 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0538F3A6A3F; Thu, 29 Jan 2009 21:10:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -47.9 X-Spam-Level: X-Spam-Status: No, score=-47.9 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wccN75ieHltP; Thu, 29 Jan 2009 21:10:48 -0800 (PST) Received: from CUSTOMER.VPLS.NET (unknown [218.111.134.161]) by core3.amsl.com (Postfix) with SMTP id 3D9A53A6A41; Thu, 29 Jan 2009 21:10:20 -0800 (PST) Message-ID: <662H281.5286530nemo-owner@ietf.org> Date: Fri, 30 Jan 2009 00:09:54 -0500 From: "Cynthia Shoemaker" To: "Jenny Hagan" Subject: Rep watches made easy Content-Type: text/plain; Content-Transfer-Encoding: 7bit Dear Jenny, Loving yourself is the first step in loving life. And what better way to do it, than by getting yourself a fine designer watch? http://tazcoolslobo.freeservercity.com The watch of your dreams doesn't have to be an overpriced piece of machinery. Nowadays you can get the same functionality and distinctive looks from the next best thing. Visit Prestige Reps and choose from hundreds of gorgeous models at less than ten percent the price of an original. http://tazcoolslobo.freeservercity.com So, what are you waiting for? Get that unique timepiece today at Prestige Reps! Sincerely, Mr Hagan From kapamira@ama-assn.org Thu Jan 29 22:43:00 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2B59F3A6A93 for ; Thu, 29 Jan 2009 22:43:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.237 X-Spam-Level: X-Spam-Status: No, score=-14.237 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_DSL=1.129, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zC1YAFlCi7Q6 for ; Thu, 29 Jan 2009 22:42:59 -0800 (PST) Received: from athedsl-252305.home.otenet.gr (athedsl-252305.home.otenet.gr [85.73.33.47]) by core3.amsl.com (Postfix) with SMTP id 75FAF3A689B for ; Thu, 29 Jan 2009 22:42:56 -0800 (PST) To: Subject: You've received an answer to your question From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090130064257.75FAF3A689B@core3.amsl.com> Date: Thu, 29 Jan 2009 22:42:56 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.warmnoble.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://warmnoble.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 8, B862. 962 Clements Road. London. SE41 1DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved

From neau@aceb.fr Fri Jan 30 09:18:35 2009 Return-Path: X-Original-To: ietfarch-pana-archive@core3.amsl.com Delivered-To: ietfarch-pana-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F2C663A6AB5 for ; Fri, 30 Jan 2009 09:18:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -11.159 X-Spam-Level: X-Spam-Status: No, score=-11.159 tagged_above=-999 required=5 tests=[BAYES_99=3.5, GB_I_LETTER=-2, HELO_EQ_DYNAMIC=1.144, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_IMAGE_ONLY_32=1.778, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c-fcFjPEANFG for ; Fri, 30 Jan 2009 09:18:34 -0800 (PST) Received: from host177-34-dynamic.47-79-r.retail.telecomitalia.it (host177-34-dynamic.47-79-r.retail.telecomitalia.it [79.47.34.177]) by core3.amsl.com (Postfix) with SMTP id 2C33D3A6965 for ; Fri, 30 Jan 2009 09:18:31 -0800 (PST) To: Subject: Hi From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090130171833.2C33D3A6965@core3.amsl.com> Date: Fri, 30 Jan 2009 09:18:31 -0800 (PST)
We ship Worldwide! To all countries! To all destinations!
Cant see a picture? Click Here!

To unsubscribe from this mailing list, please log in to www.clearzest.com, click on "My Account", click "Update" to edit your registration details and uncheck the "Receive Newsletter?" check box.
Or unsubscribe at http://clearzest.com/faq.php

Privacy Statement | Terms & Conditions | Contact

KEYWORD Ltd.
Tower Bridge Business Complex. Unit 2, B798. 664 Clements Road. London. SE08 4DG

© 2006-2008 KEYWORD, Ltd. All Rights Reserved