[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Isms] RE: Follow up on Authorize Only issue

To: <isms@ietf.org>, <radiusext@ops.ietf.org>
Subject: RE: [Isms] RE: Follow up on Authorize Only issue
From: "Nelson, David" <dnelson@enterasys.com>
Date: Tue, 25 Jul 2006 17:12:10 -0400

Dave Harrington writes...

> But "provisioning SNMP parameters" explicitly does not include mapping
> to the access control subsytem; ...

I don't read that in the charter.  You apparently read it between the
lines.  Defining a new Access Control Subsystem or making changes to
VACM is explicitly out of scope.

> ...that is a separate issue that is out of scope for the WG,
> and should be dealt with in a separate document when such a
> document is included in a subsequent ISMS charter.

We've had this discussion many months ago.  My opinion hasn't changed.
I think that providing a way for RADIUS to provision group membership
information that can be used to map into any Access Control Subsystem
ought to be part of the work.  Especially if it does not actually affect
the architectural model, and is accomplished in an implementation
dependent fashion.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: [Isms] RE: Follow up on Authorize Only issue
  - From: Juergen Schoenwaelder <j.schoenwaelder@iu-bremen.de>

Prev by Date: RE: [Isms] RE: Follow up on Authorize Only issue
Next by Date: RE: [Isms] RE: Follow up on Authorize Only issue
Previous by thread: RE: [Isms] RE: Follow up on Authorize Only issue
Next by thread: Re: [Isms] RE: Follow up on Authorize Only issue
Index(es):
- Date
- Thread