[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: New Technical Issues RE: WG last call in progress on VLAN/Priority Draft

To: "Alan DeKok" <aland@ox.org>
Subject: RE: New Technical Issues RE: WG last call in progress on VLAN/Priority Draft
From: "Avi Lior" <avi@bridgewatersystems.com>
Date: Wed, 15 Mar 2006 21:14:29 -0500
Cc: <radiusext@ops.ietf.org>

Alan

I know about policy files and GUIs and XmL and auto code etc... All of
those are code changes.  Its just different code.  Some code change is
simpler then others.

So whether I end up dealing with the attribute by pressing a few gui
buttons to add another If rule, or I have to insert a new EAP method or
Cryptography procedure do deal with the new attribute --- its all code
change.  

Lets be real about it and not loose sight that when a server is required
to deal with a new attribute new code has to be inserted.

>   Dictionaries also allow the creation of complex policy 
> languages, by separating the language syntax from the data 
> and types the language operates on.

In a very simple world yes you can live within the limits of your
dictionaries but in more complex scenarios, you  have to roll some good
old fashion  C compiler.  

> -----Original Message-----
> From: aland@nitros9.org [mailto:aland@nitros9.org] On Behalf 
> Of Alan DeKok
> Sent: Wednesday, March 15, 2006 6:47 PM
> To: Avi Lior
> Cc: radiusext@ops.ietf.org
> Subject: Re: New Technical Issues RE: WG last call in 
> progress on VLAN/Priority Draft
> 
> "Avi Lior" <avi@bridgewatersystems.com> wrote:
> > So whether or not the attribute is compound or not, if the server 
> > needs to "interact" with that attribute then it needs to 
> have new code added.
> > This applies to any server or client that needs to "interact" with 
> > that attribute.
> 
>   For clients, yes.  For servers, though, many have complex 
> policy configuration files.  So the policy has to be updated 
> to deal with a new attribute, but the server code does not 
> need to change.
> 
>   In many cases, the policy is GUI driven, and is "if you see 
> FOO with value BAR in the request, respond with FOOD with value BARD".
> 
> > So the notion of dictionary driven code and using existing radius 
> > types really speaks only about not adding any code to the RADIUS 
> > packet encoder/decoder.
> 
>   Dictionaries also allow the creation of complex policy 
> languages, by separating the language syntax from the data 
> and types the language operates on.
> 
>   Alan DeKok.
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: New Technical Issues RE: WG last call in progress on VLAN/Priority Draft
  - From: "Alan DeKok" <aland@ox.org>

Prev by Date: Re: New Technical Issues RE: WG last call in progress on VLAN/Priority Draft
Next by Date: Re: New Technical Issues RE: WG last call in progress on VLAN/Priority Draft
Previous by thread: Re: New Technical Issues RE: WG last call in progress on VLAN/Priority Draft
Next by thread: Re: New Technical Issues RE: WG last call in progress on VLAN/Priority Draft
Index(es):
- Date
- Thread