[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RFC 2867/2868 question
Bernard Aboba wrote:
I have a question though: It seems like we can use either RADIUS
Access-Request/Answer, or RADIUS Accounting Request/Answer for setting
up the compulsory tunnel. What is the rationale behind this
"flexibility"? When would you recommend using one or the other?
I am not sure what "flexibility" you are talking about. RADIUS Accounting
is not an authentication/authorization mechanism, it is an accounting
protocol. RFC 2867 attributes are used to account for tunnel usage after
they have been set up; the RFC 2868 attributes are used to authorize
There's some flexibility in using the same attributes for
incoming or outgoing tunnels, and for reporting capabilities
vs. requesting a specific action. (I'm personally not too
fond of this flexibility.)
But all of this happens within the auth/authz part i.e.
Access-Request/Challenge/Response, not within accounting.
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.