
RE: FW: ISSUE: definition of RADIUS IPv6 "data types" arbitrary and unjustified



Alan DeKok [mailto:aland@deployingradius.com] writes:

> Alan DeKok wrote:
> > Glen Zorn wrote:
> >> However, simply examining the references shows that none of the RFCs cited
> >> define _any_ "data types".
> 
>   And to forestall any discussion about IPv6...

By all means, since that was the subject of the comment.

> the RFCs referenced
> *do* define RADIUS "value" fields that carry IPv6 addresses.
> 
>   Since RFC 2865 defines the "value" field of attributes to carry "data
> types", 

Indeed it does, in section 5.  More specifically, it says "The format of the
value field is one of five data types."  Which of the five is "IPv6
Address"?  (It also ignores this statement almost entirely, as do the
majority of RADIUS RFCs.)

> and the IPv6 RFC you co-authored lists the "value" field as
> carrying an IPv6 address, the only possible conclusion is that you have
> personally created and defined the "ipv6 address" data type.

Let me see if I've got this straight: I, and my co-authors, were actually
_inventing_ new RADIUS data types but were just too stupid to know it;
further, it was OK back then to "invent" new RADIUS data types
(because you have given your stamp of approval) but now & forevermore it's
bad because you say so.  

> 
>   The alternative is to conclude that the document you wrote specifying
> the "value" field as an "IPv6 Address" does not, in fact, specify any
> data type for that field.

There is another, less anal-retentive alternative: that the string of octets
does, in fact, represent an IPv6 address.  That's it, and that's pretty much
what the RFC says.

> 
>   i.e. The statement that the field is an "Ipv6 address", and the
> definition of it as "Address of 16 octets" 

RFC 3126 does not contain those words.  

> should instead be interpreted
> to mean "string of undistinguished octets with no obvious meaning".
> 
>   The only possible way to conclude that IPv6 data types don't exist in
> RADIUS is to disown the documents that you wrote.  I expect that you
> will therefore shortly file errata for those RFCs, withdrawing all
> statements that the "value" field of IPv6 attributes has any meaning.

OK, so what is the "data type" of the Login-IPv6-Host Attribute?  

> 
>   I expect that you will, of course, also re-name the attributes at the
> same time.  For example, "NAS-IPv6-Address" should be renamed as
> "NAS-String-Of-No-Meaning".
> 
>   Alan DeKok.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>
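
An added example, not part of the original thread or of any RFC it cites: a small RADIUS attribute walker showing that the wire carries only Type, Length and value octets, and that any "data type" is a label the decoder's dictionary applies, with a strict length check before the octets are treated as an address. The attribute codes 4, 95 and 98 are recalled from RFC 2865 and RFC 3162 rather than stated in the thread, and the `ipv6addr` label and the dictionary layout are this example's own assumptions.

```python
import ipaddress
import struct

# The five value formats listed in RFC 2865 section 5.
RFC2865_TYPES = {"text", "string", "address", "integer", "time"}

# Hypothetical mini-dictionary: code -> (name, decoder label). Codes are recalled
# from RFC 2865 / RFC 3162; "ipv6addr" is this sketch's label, not an RFC term.
DICTIONARY = {
    4: ("NAS-IP-Address", "address"),
    95: ("NAS-IPv6-Address", "ipv6addr"),
    98: ("Login-IPv6-Host", "ipv6addr"),
}

def decode_value(kind, value):
    """Interpret raw value octets according to the dictionary label."""
    if kind == "address":
        if len(value) != 4:
            raise ValueError("address must be 4 octets")
        return str(ipaddress.IPv4Address(value))
    if kind == "ipv6addr":
        if len(value) != 16:
            raise ValueError("IPv6 address must be 16 octets")
        return str(ipaddress.IPv6Address(value))
    return value  # no decoder for this label: keep undistinguished octets

def parse_attributes(buf):
    """Walk Type/Length/Value attributes; Length includes the 2-octet header."""
    out, pos = [], 0
    while pos < len(buf):
        if len(buf) - pos < 2:
            raise ValueError("truncated attribute header")
        code, length = struct.unpack_from("!BB", buf, pos)
        if length < 2 or pos + length > len(buf):
            raise ValueError("bad attribute length")
        value = buf[pos + 2:pos + length]
        name, kind = DICTIONARY.get(code, (f"Attr-{code}", "string"))
        out.append((name, kind, kind in RFC2865_TYPES, decode_value(kind, value)))
        pos += length
    return out

# Constructed sample: NAS-IPv6-Address = 2001:db8::1, then unknown attribute 200.
SAMPLE = (bytes([95, 18]) + ipaddress.IPv6Address("2001:db8::1").packed
          + bytes([200, 4, 0xDE, 0xAD]))

if __name__ == "__main__":
    for row in parse_attributes(SAMPLE):
        print(row)
```

The third field of each row records whether the decoder's label is one of the five RFC 2865 formats; the same 16 octets decode to an address or stay opaque depending only on the dictionary entry.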