[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Isms] RE: Follow up on Authorize Only issue

To: <isms@ietf.org>, <radiusext@ops.ietf.org>
Subject: RE: [Isms] RE: Follow up on Authorize Only issue
From: "Nelson, David" <dnelson@enterasys.com>
Date: Tue, 25 Jul 2006 17:00:08 -0400

Jeff Hutzelman writes...

> If the RADIUS server wishes to log the NAS's request, it's welcome to
do
> so, but what information is relevant to that that's not a necessary
part
> of the request?

I think I've added some unintentional confusion.  Indeed, the "user
name" is necessary in the access request so that the server can perform
the profile lookup.  Someone had suggested on the list that additional
information _might_ be provided as an outcome of authentication that
could be additionally passed along for auditing purposes.  I think the
example was given of a Kerberos ticket.  Now I don't know if that makes
any sense, and the suggestion wasn't accompanied by a detailed use case.
So, maybe the auditing suggestion is a red herring.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: [Isms] RE: Follow up on Authorize Only issue
Next by Date: RE: [Isms] RE: Follow up on Authorize Only issue
Previous by thread: RE: [Isms] RE: Follow up on Authorize Only issue
Next by thread: RE: [Isms] RE: Follow up on Authorize Only issue
Index(es):
- Date
- Thread