[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: "Last Look" at the RADIUS Design Guidelines document

To: "Bernard Aboba" <bernard_aboba@hotmail.com>, <radiusext@ops.ietf.org>
Subject: RE: "Last Look" at the RADIUS Design Guidelines document
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
Date: Fri, 18 Dec 2009 20:17:45 -0800
In-reply-to: <BLU137-DS775603F234B606AC3D29393930@phx.gbl>
References: <BLU137-DS775603F234B606AC3D29393930@phx.gbl>

I gave the RADIUS Design Guidelines document a "last look".  I had not
looked at the document for a while and have not really been following
discussions on the document.  In general I think the document provides
some useful information.  There are a few places where I had issues with
the document.  I'm not sure if these are part of the IESG and Last call
comments or not.  

A. Section 2.1.3  

I did not find the discussion of complex attributes very compelling.
Its not clear to me what the difference between string and complex
attribute is.  If your RADIUS server supports string then it seems that
it would be possible to support a complex attribute without requiring a
"code change".  

B. Section 2.1.4

I'm not really sure what this section is trying to accomplish.  It seems
to be a lot about deployment guidelines instead of design guidelines.
I'm also not convinced that the use of complex attributes makes things
less secure.  It does not seem this section belongs in this document. 

C. Section 5

This section references section 2.1.4, however it does not seem there is
anything actionable for a protocol document to do with section 2.1.4. 

D. Section A.2.2

Since I did not agree with the motivation for section 2.1.3, I don't
find this section compelling. 

E. Section A.2.1

I don't see how defining a polymorphic attribute as multiple attributes
helps.  I'm probably missing something, do you have an example? 

> -----Original Message-----
> From: owner-radiusext@ops.ietf.org 
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Bernard Aboba
> Sent: Friday, December 04, 2009 7:23 AM
> To: radiusext@ops.ietf.org
> Subject: "Last Look" at the RADIUS Design Guidelines document
> 
> This is announcing a "Last Look" at the RADIUS Design 
> Guidelines document.  This "Last Look" will last until 
> 
> Friday, December 18, 2009.  
> 
>  
> 
> Since the Design Guidelines document has already completed 
> RADEXT WG last call (twice), IETF last call,
> 
> and IESG review (no outstanding DISCUSS comments), the 
> purpose of this "Last Look" is to confirm that
> 
> all Issues brought up in IETF last call and the IESG Issues 
> list (as noted in Draft Tracker) have been resolved. 
> 
>  
> 
> The document is available here:
> 
> http://www.ietf.org/id/draft-ietf-radext-design-10.txt
> 
>  
> 
> Please send comments relating to the document to the RADEXT 
> WG mailing list (radiusext@ietf.org). 
> 
> As usual, if you are submitting Issues, please utilize the 
> Issue format described in the RADIUS WG
> 
> Issue list (http://www.drizzle.com/~aboba/RADEXT )
> 
>  
> 
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- RE: "Last Look" at the RADIUS Design Guidelines document
  - From: Bernard Aboba <bernard_aboba@hotmail.com>
- RE: "Last Look" at the RADIUS Design Guidelines document
  - From: Bernard Aboba <bernard_aboba@hotmail.com>
- Re: "Last Look" at the RADIUS Design Guidelines document
  - From: Alan DeKok <aland@deployingradius.com>

References:
- "Last Look" at the RADIUS Design Guidelines document
  - From: "Bernard Aboba" <bernard_aboba@hotmail.com>

Prev by Date: "Last Look" at the RADIUS Design Guidelines document
Next by Date: Re: "Last Look" at the RADIUS Design Guidelines document
Previous by thread: "Last Look" at the RADIUS Design Guidelines document
Next by thread: Re: "Last Look" at the RADIUS Design Guidelines document
Index(es):
- Date
- Thread