[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PIC terminology

To: ietf-ipsra@xxxxxxxx
Subject: PIC terminology
From: Robert Moskowitz <rgm-sec@xxxxxxxxxxxxxxx>
Date: Tue, 11 Dec 2001 13:39:33 -0700
List-archive: <http://www.vpnc.org/ietf-ipsra/mail-archive/>
List-id: <ietf-ipsra.vpnc.org>
List-unsubscribe: <mailto:ietf-ipsra-request@vpnc.org?body=unsubscribe>
Sender: owner-ietf-ipsra@xxxxxxxxxxxxx

I have always been bothered by the PIC terminology:

   Authentication server (AS): a server at the organization which can relay
          the user's authentication request to the legacy system.
   Legacy authentication server (LAS): a RADIUS server, LDAP server and the
          like, which the AS uses to authenticate the user.

My recent work in WLAN has shown me a different usage that might be of value here.

I know that changing wording late in the game is hard, but perhaps it might give greater flexiblity.

****************************

I have long time been bothered by the term: Legacy authentication server

These things are NOT Legacy.

I am going to recommend we use terms like 802.1x does. I fully realize the topological differences between PIC and 802.1x, but functionally they do very similar things.

802.1x has the terms: Authenticator and Authentication Server. The mapping is:

PICS 802.1x

AS		Authenticator
LAS		Authentication Server

Robert Moskowitz
TruSecure Corporation
Security Interest EMail: rgm-sec@xxxxxxxxxxxxxxx

Prev by Date: IPSRA and Mobile IP
Next by Date: RE: IPSRA and Mobile IP
Previous by thread: IPSRA and Mobile IP
Next by thread: ANNOUNCE: NDSS'02 Early Registration Deadlines Approaching
Index(es):
- Date
- Thread