[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Rationalizing the RADIUS data model

To: "Nelson, David" <dnelson@enterasys.com>
Subject: Re: Rationalizing the RADIUS data model
From: Jari Arkko <jari.arkko@piuha.net>
Date: Wed, 09 Jun 2004 10:44:09 +0300
Cc: radiusext@ops.ietf.org
In-reply-to: <A675D99D53706742B50619249A8EBF04FE2764@MAANDMBX2.ets.enterasys.com>
Organization: None
References: <A675D99D53706742B50619249A8EBF04FE2764@MAANDMBX2.ets.enterasys.com>
Reply-to: jari.arkko@piuha.net
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7b) Gecko/20040316

Nelson, David wrote:

That is the $64,000 question.  In rationalizing the data models, one
assumes we mean that the same data models will be usable for VSA, SSA,
and potentially IETF-Extended-Attributes (IEA??).  Whether the set of
"universal" data format rules (the rationalized data model) is as
loosely defined, and as subject to liberal interpretation by
implementers, as the current rules for VSAs will be the crux of the
discussion on this subject, I rather suspect.

Yes.

One possible approach is the definition of a unified data model that is
more flexible than the current standard data types defined in RFC 2865,
but less flexible than the current VSA rules.  VSAs could still use the
original, loose VSA data model, but if there is an expectation that a
VSA might be promoted to an SSA or standard attribute, the developer
would be constrained to use the new universal data model.


I may not have anything better to suggest, but I would
note that there are still two problems with the above:

o  People's predictions of the fate of their small
   extensions are often bad; a lot of stuff that got
   developed as a private extension is still with us
   today.

o  Long-term, a model where the vendor-specific mechanisms
   are "better" (at least in perception or ease) than
   standard mechanisms does not encourage standardization.
   This could lead to important extensions defined by
   dominant vendors and industry consortiums.

But lets talk about the specifics. What, exactly, is the
current problem? Clearly, we have been impacted by the
small attribute space. This can be solved. What else?
Limited set of basic data types, lack of IPv6 address
for instance. This can be solved too, and I think we
can find consensus on these issues.

Structured data within an octet string, subfields in text
strings, subattributes? There's probably more to discuss
there. Personally, I think text strings will always have
some form of subfields. I would rather not have structured
data as "records", but subattributes might be doable,
particularly if they could be mapped to grouped AVPs
in Diameter. The rest could then be labeled as an
octet string; is there a reason why this type of a
model could not be adopted as _the_ model, for all
attributes?

--Jari

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- RE: Rationalizing the RADIUS data model
  - From: "Nelson, David" <dnelson@enterasys.com>

Prev by Date: Re: Rationalizing the RADIUS data model
Next by Date: Object identifier and type spaces in a rationalized RADIUS data model
Previous by thread: RE: Rationalizing the RADIUS data model
Next by thread: RE: Rationalizing the RADIUS data model
Index(es):
- Date
- Thread