[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AW: AW: Review of draft-ietf-geopriv-radius-lo-04.txt
> if we talk about location-based authorization and if this authorization
> step is mandatory then the radius server will ask the nas to provide
> location information and if he cannot provide it then an access reject
> must be sent.
> if the home network operator just wants to print location information to
> the bill (something like 'wlan hotspot at abc in munich') then the
> radius server might not want to send an access reject if the nas cannot
> provide it. maybe the best way to address this aspect is not to request
> location information with the access-challenge but later when accounting
> messages are exchanged.
If the RADIUS server needs location info for authorization then it needs
to send an Access-Challenge expressing that need. If does not require
location information in the Access-Request but would like it in the
Accounting packets if available, it can include a "send location"
attribute in an Access-Accept.
a. RADIUS Server REQUIRES location in Access-Request or
Accounting-Request: server sends an Access-Challenge with an attribute
that expresses what is required.
b. RADIUS server would like location information in the Accounting-Request
but does not require it: RADIUS server sends an Access-Accept with an
attribute that expresses what is desired.
c. RADIUS server REQUIRES location in Access-Request, but has not received
it after sending an Access-Challenge: RADIUS server
sends an Access-Reject with an Error-Cause attribute with value "Missing
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.