
RE: COMMENT: draft-ietf-radext-design



Alan T DeKok wrote:

>   The comments are NOT largely editorial.  They are the direct
> result of multiple attempts (I-D's, vendors, etc.) to create complex
> data types where none are necessary.  The result is increased
> complexity in the protocol, the implementations, and decreased
> inter-operability.
> 
>   RADIUS is an authorization protocol that provisions pre-existing
> services.  Defining new services in RADIUS is explicitly out of
> scope of the protocol.

Yes, it's outside the scope of RADIUS, but "scope of RADIUS" is
not the same thing as "scope of some Internet-Draft".

>   Section 2.1.5 says:
> 
> 	New services using RADIUS for
>         provisioning SHOULD be defined elsewhere and referenced in the
>         RADIUS specification.
>
>   So yes, we are mandating two I-D's for provisioning new services
> in RADIUS.  One document to define the service, and another to
> define how RADIUS provisions that service.  This is no different
> than creating MIBs.  One document defines the protocol / service.
> Another one defines the MIBs.

This approach is not always used for MIBs. For example, the IEEE
802.11 specification includes both the protocol/service (802.11) and
the MIB in the same document.

And e.g. draft-ietf-isms-secshell-15 defines the SSH transport model
in the same Internet-Draft as the MIB for managing it.

Best regards,
Pasi