Re: I-D Action:draft-ietf-radext-dynamic-discovery-00.txt

[Alan DeKok <aland@deployingradius.com>]

Glen Zorn wrote:
> Just out of curiosity, why are we doing this?  In the revision of RFC 3588,
> the dime WG has pretty much removed this capability because it was used by,
> well, no one.  If it actually used by EDU Roam, that's fine, but does it
> need to be standardized?

  I believe so.  There is interest in using this process inside of a
trusted network.

  e.g. An enterprise would configure NASes with CA && client
certificates.  The NAS would use DNS to discover the server, and then
use SSL to communicate with it.

  This has obvious benefits for operational networks.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>