[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

some comments on RADIUS Extension for Public Wireless LAN draft



Hi all,
I would like to give some comments on the paper draft-adrangi-radius-extension-for-pwlan-00.txt

- General comment is that the list of attributes could be applicable for both Diameter and RADIUS (probably this has already been given).

- In chapter 2.1 one of the fields is Operator-name, and it is proposed to have a prefix with the operator type. If the Operator-name must be globally known and unique, why is it needed this prefix ? I guess the HSN will check the correctness of this Operator-name with some list it will have, so it will be easy to know of the operator is GSM, WISP, or whatever. This comment comes because if some operator has more than one type (GSM and WISP, for example), I guess its PWLAN ANs will always advertise the prefix WISP to the HSN (if not the same GSM operator, of course), since a reasonable roaming rule in an HSN could be to choose preferably PWLAN ANs not owned by other GSM operators (which are their competitors).
Other question about this attribute: how does this fit with the SSID ? Is it supposed to be copied into one of the fields ?

- Other attribute which may be interesting is the intermediate network identity. If the user is roaming in other country (or network) and there is an intermediate network which the traffic is traversing, the identity of such network would be interesting to have in the home network, for example for roaming restrictions control. Note that the roaming restrictions can be applied not only to the WLAN ANs but also to the intermediate networks. A AAA in the intermediate network would be in charge of inserting this parameter. The reason to have this parameter on purpose (and not use existing parameters) is that it avoids RADIUS/Diameter (or vice versa) conversion problems.

- For roaming restrictions control, it would be interesting to have something (if it does not exist) to indicate to the PWLAN client that roaming is not allowed in certain PWLAN ANs. For example, after a user has chosen one PWLAN AN (using the SSID or EAP methods currently being discussed), the PWLAN AN sends to the HSN the Operator-name and in the lists in the HSN that operator appears as "barred". The HSN has to send an access-reject so that a new PWLAN AN is chosen. Is it enough for this with the Reply-message attribute ? I think no, since a new network advertisement process has to be initiated.

- Other important aspect is to indicate to the WLAN AN from the HSN to allow/block certain services in the WLAN AN, for example direct internet access. If the HSN wants to charge the user for internet access, this can be done directly from the WLAN AN (but in that case the WLAN AN gets some revenues) or the HSN operator can force the user to access internet through the HSN (in that case the WLAN AN does not charge for it). So the HSN could indicate to the WLAN AN that direct internet access is not allowed for that user. Is it needed a new attribute for this, or an existing one can be used ?

Best regards,
David.

This communication is confidential and intended solely for the addressee(s). Any unauthorized review, use, disclosure or distribution is prohibited. If you believe this message has been sent to you in error, please notify the sender by replying to this transmission and delete the message without disclosing it. Thank you.

E-mail including attachments is susceptible to data corruption, interruption, unauthorized amendment, tampering and viruses, and we only send and receive e-mails on the basis that we are not liable for any such corruption, interception, amendment, tampering or viruses or any consequences thereof.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>