RE: Review of draft-ietf-radext-vlan-02.txt

["Bernard Aboba" <bernard_aboba@hotmail.com>]

How about adding the following to the "Attribute Interpretation" section?

"The attributes described in this
document apply to a single instance of a NAS port, or more
specifically an IEEE 802.1Q bridge port.  The underlying IEEE
802 standards, upon which this work is based, do not
currently recognize finer management granularity than "per
port".  In some cases, such as with IEEE 802.11 wireless
LANs, the concept of a "virtual port" is used in place of the
physical port.  Such virtual ports are typically based on
security associations and scoped by station, or MAC address.

The attributes defined in this document are
applied on per user basis and it is expected that there is a single user
per port; however in some cases that port may be a "virtual
port".

If a NAS implementation conforming to this document
supports "virtual ports", it may be possible to provision
those "virtual ports" with unique values of the attributes
described in this document, allowing multiple users sharing
the same physical port to have a unique set of authorization
parameters."



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>