[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: QoS attributes
I am not quite clear on how COPS is used as an authentication mechanism.
It seems to me that AAA is primarily about authentication (with
attributes, such as QoS, authorizing use of features by the session as a
whole) and COPS is about authorizing the features for the session on the
various network element that implement them. It is true that COPS needs
a way to determine the identity of the authorizer, but this would be the
'identity' of the AAA server, not the individual user.
Maybe that is what John meant, but it was not entirely clear to me.
Regards,
Ed
Ed Van Horne
Building Broadband Solutions Unit - San Diego
Cisco Systems
10935 Vista Sorrento Parkway
San Diego, CA 92130
858.526.1152
-----Original Message-----
From: owner-radiusext@ops.ietf.org [mailto:owner-radiusext@ops.ietf.org]
On Behalf Of Roy, Radhika R, ALABS
Sent: Wednesday, January 07, 2004 12:47 PM
To: john.loughney@nokia.com
Cc: avi@bridgewatersystems.com; dnelson@enterasys.com;
radiusext@ops.ietf.org
Subject: RE: QoS attributes
Hi, John:
I agree with you completely.
Now, it provides a clear direction how we should proceed with QoS
attributes in AAA (RADIUS/DIAMETER).
More importantly, this shows how both AAA (RADIUS/DIAMETER) and COPS
complement each other.
br,
Radhika
-----Original Message-----
From: john.loughney@nokia.com [mailto:john.loughney@nokia.com]
Sent: Wednesday, January 07, 2004 6:23 AM
To: Roy, Radhika R, ALABS
Cc: avi@bridgewatersystems.com; dnelson@enterasys.com;
radiusext@ops.ietf.org
Subject: RE: QoS attributes
Radhika,
> I think that COPS is a policy protocol, and policies related
> to QOS can also be used for distribution and enforcements.
> Similar may also be the case for security and accounting.
Agreed.
> However, DIAMETER/RADIUS is also used for authentication,
> authorization, and accounting (AAA).
Agreed.
> Here are the interesting points:
>
> 1. COPS for policies of authentication, authorization, and
> accounting including QOS.
OK.
> 2. DIAMETER/RADIUS for offering actual services for
> authentication, authorization, and accounting including QoS.
This I am not so sure of. I've always thought that Diameter /
RADIUS can be used to authorize QoS services. For example, if I've
subscribed to a service with Real-time QoS, Diameter could be used to
authorize my use of such a service. If I request a service that I am
not allowed to, then the authorization would fail.
> In item 2, I am lacking clear wordings here.
>
> The question is this: Can we not develop standards
> complementing both COPS and DIAMETER/RADIUS as they are also
> a part of IETF standard protocols?
Taking a systematic view, I would think that AAA protocols can do the
authorization & accounting side of any QoS-aware services. COPS can be
used inside of the network to transport QoS policies to the enforcement
points, to ensure that QoS parameters are not exceded.
John
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>