RE: SPAM: AW: structured string attributes, RADEXT charter, Take 8

["Nelson, David" <dnelson@enterasys.com>]

Wolfgang Back writes...

> No. My position is that there are attributes that don't make sense if
they
> are used alone.
> 
> For example, User-Name can be used with or without User-Password.
> So, User-Name and User-Password are separate attributes.
> 
> On the other hand CHAP ident and CHAP response only make sense if they
are
> used together. So somebody grouped them into a single attribute. The
same
> applies for the HTTP digest extension.

Sorry for the delay in replying.  Our e-mail system had for some reason
labeled this post as SPAM.  (??)

OK.  I'm beginning to understand.  Maybe this is a terminology issue,
because I would not have considered the two parts of a CHAP response,
the ID, and the Hash, as separate "attributes" grouped together for
convenience.  When are two attributes independent?  I guess a
clarification would help, and we could certainly add that to the RADIUS
design guidelines document.   

> The last draft charter says, that anybody proposing structured string
> attributes must show that this does not break existing RfC-compliant
> implementations.

The desire is to avoid the "special case" situations, such as the CHAP
case, whenever possible.  Some of the proposals I've seen have
multipart, or "grouped" attributes, where the inter-part binding is not
as mandatory as the binding in the CHAP example.

> I think we are both - for different reasons - not very happy about it.
> This is one definition of a compromise.

Yes, it is.  :-)

-- Dave



--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>