[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Issue: Zero Tag field in Filter-Rule attribute
Issue: Zero Tag field in Filter-Rule attribute
Submitter name: David Nelson
Submitter email address: dnelson at enterasys.com
Date first submitted: August 26, 2006
Reference:
Document: Filter-Rule-02
Comment type: T
Priority: S
Section: 2
Rationale/Explanation of issue:
Currently the document does not describe how the Tag value of zero is
handled.
I would suggest that the Tag value of 0 be reserved as an indicator of
un-tagged attributes.
If it is not already clear from the diagram and text, we should clarify that
this Tag is not
optional, as it is for strings in 2868.
[BA]
My suggestion is that a value of zero (0) be used to indicate a filter-rule
that is less than 253 octets, so that concenation if not required, and
multiple filter-rules can utilize the same zero (0) value. Here is the
proposed text:
Tag
The Tag field is one octet, and MUST always be present. It is used
to
identify the filter rule that is represented. Where a single
filter rule exceeds 253 octets in length, the rule may be encoded
across multiple NAS-Filter-Rule attributes, each with the same
non-zero Tag value; non-zero Tag values MUST be unique for each
filter rule present in a RADIUS packet. The value of zero (0) in
the Tag field indicates that the attribute contains a filter rule
that does not exceed 253 octets in length; as a result attributes
with a Tag value of zero MUST NOT be concatenated, and multiple
Filter-Rule attributes with a tag value of zero may be included
in a single RADIUS packet.
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>