Jakob Schlyter wrote:
>On Wed, 4 Dec 2002, Carl Moberg wrote:
>>>same could apply to pstn phone lines, but noone requires a pin code before
>>>dialing either. if this is a question about liablity, then perhaps the
>>>subscriber contract should be changed to reflect reality.
>>No, it's simply a question of authentication, authorization and
>>accounting (AAA). The weak form of AAA used for voice over POTS may be
>>sufficient in that specific case, but my bank sure still want a PIN in
>>order to give me information on my account balance.
>pstn telco <--> isp
>bank <--> bank
I might be running a little bit fast here. What I'm trying to say is that
all ISPs care about today is climbing the value chain. They know now
that the war over customers by lowering prices and lying about actual
transmission speed is over. B2, Utfors and a couple of others have
proven that it's a dead, dead, dead end. It was, from the very first
day a question about who could lose the most money without staggering
and falling over. Consequently they're looking at what people are actually
*doing* in front of the computer connected to the ADSL line. The
overwhelming majority of the users are checking mail, do a little bit of
random surfing (mixed with the occasional booking of a movie ticket)
and teenagers are using messengers, ICQ or webchats. They suddenly
realize that it's actually the content and service providers that actually
stand a chance to (gasp) creating revenue. Either from selling services
end-users or getting them from banner sales or other third party business.
In my (limping) parallell above, I tried to push the ISP towards the
role of the bank. Moving from being just a infrastructure administrator
into a player that actually sell usable services, that people want to
>the connection itself is not authenticated. yes, you need authentication
>on media shared by several users (such as public wlan hotspots) but not
>for dsl access. the isp knows there the copper terminates.
Sure, but they don't know who's using it.
>>Well, I partly agree. Some users want a simple always on service, most
>>users don't really care if they have to type their username and
>>password, especially not if that means that they may get cheaper access.
>>No user wants to pay for the full weight of always on.
>how could the telia dsl access be cheaper with authentication? most users
>are already working around it anyway and the customers are not billed for
>how long they use the services, it is already always on.
You need to authenticate a user to provide him/her with profile-based
services. Let me assure you that most users don't work around it.
The billing model of today (flat rate) is in no way perfect and I think
most of the ISPs I know of is discussing other ways to bill their
>however, the access would be cheaper if telia didn't have to buy the
>equipment doing the authentication ...
Of course, but that would also effectively eliminate all chances
of introducing value adding services.
>>Why is it that we don't have a lot more
>>*DSL/Ethernet/Barbwire-to-the-home operators in Sweden.
>with the risk of finger pointing, I believe the largest reason is spelled
That is of course the politically correct thing to boldly state, but I beg
to differ or at least introduce some nuance. If you look at the rest of
the world (the non-Skanova part) you don't actually see an explosion
of new players that sell flat rate broadband to the consumer market
now do you?
>>PANA is one shot at it, yes, there are others solutions already in use
>>with paying customers (e.g. http://www.weca.net/) that aim and shoot for
>>a subset of the PANA problem domain.
>if pana succeeds, the other will most probably die - this has been the
>case for most other non-ietf protocols.
I don't agree. Historically, the IETF haven't bothered with solving
problems that have a working solution (reinventing the infamous wheel).
Most practical parts of what PANA is trying to do already have a solution
that have been more or less widely deployed. I'm not sure the WISPs
around the globe will stop deploying 802.1x because the IETF is
discussing another way of authentication end-stations. Again, I'm not
saying that PANA is going to end up being an inferior protocol, all I'm
saying is that all IETF protocols don't automatically gain wide deployment.
But, as I said before these are merely speculations and I may be completely