Rough minutes by Dave Spence.
Monday, March 18, 2002
Authentication Authorization Accounting Architecture (AAAarch) RG
Opening remarks and agenda bashing
Cees de Laat
* Since London
o 2 revised drafts in AAAarch
o 1 draft in last call and submitted
o 0 teleconferences
o ~2 teleconferences related to Access Bind PIB
* Charter review
o Generic AAA - underway
o Define in a high level and abstract way the interfaces between the different components in the architecture. - underway
o AAA related policy framework - on the table
o Accounting model - on the table
o Simulation model - underway
o Work with RAP WG - on the table
o Work with GRID-Forum - underway
* Drafts
o Draft-taal-aaaarch-generic-pol-01.txt John Vollbrecht
o Draft-irtf-aaaarch-aaa-pol-01.txt
* Slide showing user, AAA, and application with preexisting SA and business association and relational SA and business association.
o Use preexisting to create “relational” [wrong term]
* Add CA or KDC to the model.
* Add a broker between AAA and application
o How do user and application know what an authorization belongs to? (binding problem, use of keys)
* Three way exchange
o 802.11i project
* John mapped the exchange to pull model
o Jesse Walker and others
o Supplicant-initiated key passing
* Work item
o Take Chesson model and apply to AAAarch models (push/pull/agent)
o Apply also to roaming/broker model
o Include auditing (proving who asked, who authorized)
* Questions
o Model from application point of view. Using Keynote2(?) you could use authorization certificates. [not sure I have this right]
CdL - feb 3th 2002