[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: draft-jones-radius-geopriv



Hi there,

Keep in mind that any attribute that is required to be processed by RADIUS
should be easily parsable.  That is, an attribute that is used in
authentication or authorization would need to be  easily parsable so that we
don't take a processing hit.

Remember we are talking about 1000s authentication per second.


> -----Original Message-----
> From: Tschofenig Hannes [mailto:hannes.tschofenig@siemens.com] 
> Sent: Tuesday, February 17, 2004 4:38 AM
> To: 'John Schnizlein'
> Cc: radiusext@ops.ietf.org; geopriv@ietf.org
> Subject: RE: draft-jones-radius-geopriv
> 
> 
> hi john, 
> 
> thanks for your observation. 
> 
> i see the following ways to tackle this problem: 
> - forget xml and use a different encoding which is more "lighweight"
> - switch to diameter 
> - compress xml objects
> 
> i personally think that the privacy issues are worth thinking 
> about these options. 
> 
> ciao
> hannes
> 
> > -----Original Message-----
> > From: John Schnizlein [mailto:jschnizl@cisco.com]
> > Sent: Monday, February 16, 2004 1:53 AM
> > To: Tschofenig Hannes
> > Cc: radiusext@ops.ietf.org; geopriv@ietf.org
> > Subject: Re: draft-jones-radius-geopriv
> > 
> > 
> > I am sorry I quoted the wrong part of RFC 2865.
> > The length of an attribute is at most 255, one octet [page 25]. It 
> > seems unlikely that GML, or any XML, would be efficient 
> enough to be 
> > carried in a RADIUS attribute.
> > 
> > At 01:12 PM 2/10/2004, John Schnizlein wrote:
> > >> One concern, if this location configuration information 
> (LCI) is to 
> > >> be carried over RADIUS, is that the example in section 6 
> seems to 
> > >> be 993 characters long. This one attribute seems to be taking a 
> > >> large share of the maximum RADIUS packet size of 4096. 
> [RFC 2865, p 
> > >> 15] Is there enough room for everything else that would 
> be expected 
> > >> with this attribute?
> > 
> 
> --
> to unsubscribe send a message to 
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in 
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>