
Re: review of draft-ietf-dhc-agentopt-radius-06.txt



Draft -06 states:

"     The NAS truncates the RADIUS attributes to fit in the RADIUS
      Attributes sub-option.  For predictable behavior, the RADIUS
      server should be configured to return fewer than 255 octets of
      RADIUS attributes."

In RADIUS, a single attribute (such as User-Name) can be 253 octets, and
packets may be up to 4096 octets in length.  Since the draft does not
provide a way for the NAS to tell the RADIUS server that this
specification is implemented, it would seem like a RADIUS server
would always have to be configured to return no more than 255 octets
of RADIUS attributes in order to function correctly.

That's a pretty major constraint on RADIUS server implementations.
I'm not sure why this is necessary, since RFC 3396 enables encoding of
long options in DHCPv4.

The draft also imposes other constraints on RADIUS implementations
using normative language.  Given that it is not possible for the RADIUS
server to know if this specification is being implemented, the effect
is to update RFC 2865.  This seems inappropriate to me.