CURRENT_MEETING_REPORT_

Reported by Brian Lloyd/Telebit

PPPEXT Minutes

Noel Chiappa opened the Point-to-Point Protocol Extensions meeting and then handed it over to Brian Lloyd, the new Working Group Chair.

There was an early observation that no router vendors (other than Telebit) appeared to be present. This curtailed discussion of synchronous PPP. Most of the discussion that followed tended to address the needs/desires of the asynchronous PPP community.

The current list of documents was discussed. Here is the list of current documents:

   RFC 1171
   RFC 1172

   o LCP draft         Simpson
   o IPCP draft        McGregor
   o AppleTalk         Parken - hold waiting for AppleTalk WG
   o ISO/CLNP          Katz/Simpson - no interest yet?
   o DECnet 4          Senum - not much said
   o SNAP              B? - no interest
   o LLC               Harvey - no interest
   o Bridging          Baker - already an RFC
   o 32 bit FCS        Harvey - general approval - no known implementations
   o Authentication    Lloyd/Simpson - most discussion here
   o MIB               Kastenholz - no implementations

Consensus indicated that the LCP and IPCP draft documents (these will supersede RFC 1171 and 1172 respectively) should proceed to the next level since there are numerous interoperable implementations. Bill Simpson will make very minor changes to his document and republish it. None of the other documents were deemed ready to progress to the next level because of either a) lack of further interest, or b) no implementations.

Consensus also indicated a need for a catalog document to keep track of all the PPP related documents. Brian Lloyd is working on that.

Discussion was heavy on the new Lloyd/Simpson authentication protocol document that describes the Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP).

There was a discussion of where authentication should go. It was decided that link-level authentication in the Link Control Protocol (LCP) is acceptable so long as additional authentication may be used within the Upper Layer Protocols (ULPs -- NCP or higher).
Strong discussion indicated a need for a mechanism to allow a called PPP system to indicate to its peer that it wishes to close the link and dial back for purposes of authentication. This information was referred back to Simpson and Lloyd to research and add to the authentication document.

It was decided that the proper digest algorithm for CHAP should be MD5. As a result it was decided that references to MD2 and MD4 should be removed from the document.

James Galvin, representing the Security Area Advisory Group (SAAG) Working Group, strongly recommended adding a section on distribution of the "secret" used in CHAP.

More information is needed in the authentication document about bit and octet ordering and character sets used (in the case of legible passwords and secrets). More detail is needed about the PAP message reply.

CHAP needs a mechanism (besides dropping the link) to indicate that the authentication has succeeded or failed. This is because some systems will require the user to enter the secret value in real time, so there may be errors and hence retries.

The size of the secret value was increased from 64 to 128 bits. The challenge needs to be non-repeating. The document needs to discuss methods of generating good challenges. The document should also remove all references to encryption.

The last item of the day was to generate a list of recommended PPP options to go into the router requirements document. The final list of suggested options for sync implementations:

   o Support for the Link Quality Monitoring (LQM) option.
   o Support for the magic number (loopback detection) option.
   o No address/control field compression.
   o No protocol field compression.

For async implementations:

   o Do address/control field compression.
   o Do protocol field compression.
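The CHAP decisions recorded above (MD5 as the digest, a non-repeating challenge, and an explicit success/failure indication so a mistyped secret can be retried) are shown here as an added example; it is not part of the minutes or of the Lloyd/Simpson draft. It assumes the response computation and packet codes later published for CHAP in RFC 1994 (MD5 over identifier, secret, challenge); the class, function names and retry limit are illustrative.

```python
import hashlib
import hmac
import secrets

# Packet codes as later published for CHAP (assumption: not stated in the minutes)
CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """MD5 over the one-octet identifier, the shared secret, then the challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Issues challenges and answers each response with SUCCESS or FAILURE."""

    def __init__(self, secret: bytes, max_attempts: int = 3):
        self.secret = secret
        self.attempts_left = max_attempts   # illustrative retry limit
        self.identifier = 0
        self.pending = None                 # challenge awaiting a response
        self.issued = set()                 # challenges already used on this link

    def new_challenge(self) -> tuple[int, bytes]:
        # 16 octets from the OS CSPRNG; the set lookup enforces non-repetition
        while True:
            value = secrets.token_bytes(16)
            if value not in self.issued:
                break
        self.issued.add(value)
        self.identifier = (self.identifier + 1) % 256
        self.pending = value
        return self.identifier, value

    def verify(self, identifier: int, response: bytes) -> int:
        # Each challenge is consumed by the first answer, so it cannot be replayed
        challenge, self.pending = self.pending, None
        if challenge is None or identifier != self.identifier or self.attempts_left <= 0:
            return FAILURE
        expected = chap_response(identifier, self.secret, challenge)
        if hmac.compare_digest(expected, response):   # constant-time comparison
            return SUCCESS
        self.attempts_left -= 1
        return FAILURE
```

A FAILURE reply leaves the link up, so the authenticator can call new_challenge() again and the user can re-enter the secret against a fresh challenge.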
Attendees

   James Barnes         barnes@xylogics.com
   Gregory Bruell       gob@shiva.com
   Philip Budne         phil@shiva.com
   Randy Butler         rbutler@ncsa.uiuc.edu
   Cerafin Castillo     cec@emulex.com
   Richard Cherry       rcherry@novell.com
   Gary Ellis           garye@hpspd.spd.hp.com
   Arlan Finestead      arlanf@ncsa.uiuc.edu
   James Galvin         galvin@tis.com
   Robert Griffioen
   Jack Hahn            hahn@umd5.umd.edu
   Russ Hobby           rdhobby@ucdavis.edu
   Ron Jacoby           rj@sgi.com
   Frank Kastenholz     kasten@europa.clearpoint.com
   Tom Kessler          kessler@sun.com
   Kenneth Key          key@cs.utk.edu
   Mark Knopper         mak@merit.edu
   Anthony Lauck        lauck@tl.enet.dec.com
   Joshua Littlefield   josh@cayman.com
   Brian Lloyd          brian@telebit.com
   Glenn McGregor       ghm@merit.edu
   Bradford Parker      brad@cayman.com
   Mike Petry           petry@ni.umd.edu
   Richard Smith        smiddy@pluto.dss.com
   Bruce Taber          taber@interlan.com
   Theodore Tso
   John Veizades        veizades@apple.com
   Preston Wilson       preston@i88.isc.com
   L. Michele Wright    uncng!michele@uunet.uu.net
   Joseph Zur           fibrontics!zur@uunet.uu.net